Splunk Universal Forwarder 9.4.0 < 9.4.11 (SVD-2026-0506)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0506 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

Splunk Universal Forwarder 10.0.0 < 10.0.4, 10.2 < 10.2.1 (SVD-2026-0314)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0314 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

CVE-2025-20387

In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on...

CVE-2025-20387

In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on...

CVE-2025-20387 Incorrect permissions assignment on Splunk Universal Forwarder for Windows during new installation or upgrade

In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on...

CVE-2025-20387 Incorrect permissions assignment on Splunk Universal Forwarder for Windows during new installation or upgrade

In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on...

PT-2025-48959

Name of the Vulnerable Software and Affected Versions Splunk Universal Forwarder for Windows versions prior to 10.0.2 Splunk Universal Forwarder for Windows versions prior to 9.4.6 Splunk Universal Forwarder for Windows versions prior to 9.3.8 Splunk Universal Forwarder for Windows versions prior...

Splunk Universal Forwarder 9.1 < 9.1.9, 9.2 < 9.2.6, 9.3 < 9.3.4, 9.4 < 9.4.2 (SVD-2025-0602)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-0602 advisory. - In Universal Forwarder for Windows versions below 9.4.2, 9.3.4, 9.2.6, and 9.1.9, a new installation of or an upgrade to an...

Splunk Universal Forwarder 安全漏洞

Splunk Universal Forwarder is a Splunk component from Splunk, Inc. A security vulnerability exists in Splunk Universal Forwarder versions prior to 9.4.2, prior to 9.3.4, prior to 9.2.6, and prior to 9.1.9 that stems from improperly assigned installation directory permissions...

CVE-2022-37439

In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and would require manually removing the malform...

Splunk Universal Forwarder Installed (Linux)

Binary data splunkuniversalforwardernixinstalled.nbin...

Multiple Vulnerabilities in Splunk Universal Forwarder

The Splunk Universal Forwarder collects data from a data source or another forwarder and sends it to a forwarder or a deployment of Splunk. The Universal Forwarder can send data to SplunkEnterprise, Splunk Light, or Splunk Cloud, and it also replaces the Splunk Enterprise Light Forwarder and is...

Trying Splunk Cloud

I first used Splunk over ten years ago, but the first time I blogged about it was in 2008. I described how to install Splunk on Ubuntu 8.04. Today I decided to try the Splunk Cloud. Splunk Cloud is the company's hosted Splunk offering, residing in Amazon Web Services AWS. You can register for a 1...