CVE-2026-20165 Sensitive Information Disclosure in MongoClient logging channel in Splunk Enterprise

In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.2507.17, 10.0.2503.12, and 9.3.2411.124, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve sensitive information by inspectin...

Splunk Enterprise 9.3.0 < 9.3.10, 9.4.0 < 9.4.9, 10.0.0 < 10.0.4, 10.2.0 < 10.2.1 (SVD-2026-0304)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0304 advisory. - In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7,...