Splunk Universal Forwarder 9.3.0 < 9.3.11, 9.4.0 < 9.4.10, 10.0.0 < 10.0.4, 10.2.0 < 10.2.1 (SVD-2026-0404)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0404 advisory. - Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS7 data where an ASN1TYPE uni...

Splunk Universal Forwarder 9.2.0 < 9.2.12, 9.3.0 < 9.3.9, 9.4.0 < 9.4.7, 10.0.0 < 10.0.3 (SVD-2026-0210)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0210 advisory. - Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an...

CVE-2025-20387

In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on...

Splunk Enterprise 9.2.0 < 9.2.10, 9.3.0 < 9.3.8, 9.4.0 < 9.4.6, 10.0 < 10.0.2 (SVD-2025-1206)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1206 advisory. - In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrad...

Splunk Universal Forwarder 安全漏洞

Splunk Universal Forwarder is a Splunk component from Splunk, Inc. A security vulnerability exists in Splunk Universal Forwarder versions prior to 10.0.2, 9.4.6, 9.3.8, and 9.2.10, which stems from improper assignment of privileges during installation or upgrade, and could result in a...