CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

NVD•added 2026/06/10 6:16 p.m.•12 views

CVE-2026-20256

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could cause data exfiltration through classic...

5.7CVSS0.00252EPSS

Exploits0References1

NVD•added 2026/06/10 6:16 p.m.•11 views

CVE-2026-20257

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrate...

5.7CVSS0.00198EPSS

Exploits0References1

Cvelist•added 2026/06/10 5:16 p.m.•24 views

CVE-2026-20255 Improper Input Validation through Classic Dashboards in Splunk Enterprise

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious classic dashboard that...

5.7CVSS0.00245EPSS

Exploits0References1

CVE•added 2026/06/10 5:16 p.m.•11 views

CVE-2026-20255

The CVE-2026-20255 issue affects Splunk Enterprise (versions below 10.2.4, 10.0.7, 9.4.12, 9.3.13) and Splunk Cloud Platform (below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, 9.3.2411.132). A low-privilege user can craft a malicious classic dashboard to exfiltrate sensitive data to an external ser...

5.7CVSS5.5AI score0.00245EPSS

Exploits0References1Affected Software1

CVE•added 2026/06/10 5:15 p.m.•10 views

CVE-2026-20256

Splunk Enterprise (versions < 10.2.4, 10.0.7, 9.4.12, 9.3.13) and Splunk Cloud Platform (versions

5.7CVSS5.4AI score0.00252EPSS

Exploits0References1Affected Software1

EUVD•added 2026/06/10 5:15 p.m.•8 views

EUVD-2026-36080

5.7CVSS5.4AI score0.00252EPSS

Exploits0References1

Cvelist•added 2026/06/10 5:15 p.m.•24 views

CVE-2026-20256 Improper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk Enterprise

5.7CVSS0.00252EPSS

Exploits0References1

Positive Technologies•added 2026/06/10 12:0 a.m.•7 views

PT-2026-48496

5.7CVSS5.4AI score0.00252EPSS

Exploits0References2

Positive Technologies•added 2026/06/10 12:0 a.m.•10 views

PT-2026-48497

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrate...

5.7CVSS5.4AI score0.00198EPSS

Exploits0References2

Tenable Nessus•added 2026/06/10 12:0 a.m.•3 views

Splunk Enterprise 9.3.0 < 9.3.13, 9.4.0 < 9.4.12, 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0606)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0606 advisory. - In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13...

5.7CVSS5.3AI score0.00252EPSS

Exploits0References2

Tenable Nessus•added 2026/06/10 12:0 a.m.•5 views

Splunk Enterprise 9.3.0 < 9.3.13, 9.4.0 < 9.4.12, 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0607)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0607 advisory. - In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13...

5.7CVSS5.4AI score0.00198EPSS

Exploits0References2

Tenable Nessus•added 2026/06/10 12:0 a.m.•5 views

Splunk Enterprise 9.3.0 < 9.3.13, 9.4.0 < 9.4.12, 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0604)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0604 advisory. - In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13...

5.7CVSS5.4AI score0.00247EPSS

Exploits0References2

OSV•added 2024/10/14 5:15 p.m.•2 views

CVE-2024-45734

In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could view images on the machine that runs Splunk Enterprise by using the PDF export feature in Splunk classic dashboards. The images on the machine could be exposed...

4.3CVSS5.8AI score0.00349EPSS

Exploits0References2

Positive Technologies•added 2024/09/05 12:0 a.m.•5 views

PT-2024-7419 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions 9.1.6, 9.2.3, and 9.3.0 Description: A low-privileged user without the "admin" or "power" Splunk roles could view images on the machine that runs Splunk Enterprise by using the PDF export feature in Splunk classic...

4.3CVSS7.2AI score0.00349EPSS

Exploits0References12

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by