Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20783 matches found

ATTACKERKB
ATTACKERKBadded 2026/05/20 4:32 p.m.4 views

CVE-2026-20238

In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin' or 'power' roles could access confidential data that was restricted through srchFilter configurations on custom roles. The app contains an authorize.conf configuration file with a srchFilter entry that...

6.5CVSS5.8AI score0.00309EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2026/05/20 4:32 p.m.37 views

CVE-2026-20238 Improper Access Control through Role Inheritance in Splunk AI Toolkit app

In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin' or 'power' roles could access confidential data that was restricted through srchFilter configurations on custom roles.The app contains an authorize.conf configuration file with a srchFilter entry that...

6.5CVSS0.00309EPSS
Exploits0References1
CVE
CVEadded 2026/05/20 4:32 p.m.19 views

CVE-2026-20238

The CVE affects Splunk AI Toolkit prior to 5.7.3. A low-privilege user (not admin/power) can access data restricted by srchFilter settings in authorize.conf. The toolkit stores a srchFilter entry that alters the built-in user role; Splunk’s inheritance with OR in search filters allows the injecte...

6.5CVSS5.8AI score0.00309EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2026/05/20 4:32 p.m.23 views

CVE-2026-20239

CVE-2026-20239 affects Splunk products: Splunk Enterprise (versions below 10.2.2 and 10.0.5) and Splunk Cloud Platform (below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, and 10.0.2503.13). A user with access to the _internal index could view session cookies and response bodies containing sensitive d...

7.5CVSS5.8AI score0.00485EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/20 4:32 p.m.9 views

CVE-2026-20239 Sensitive Information Disclosure through Log Files in Splunk Enterprise

In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, and 10.0.2503.13, a user with a role that has access to the internal index could view session cookies and response bodies that contain sensitive data...

7.5CVSS5.8AI score0.00485EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/20 4:32 p.m.8 views

CVE-2026-20239

In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, and 10.0.2503.13, a user with a role that has access to the internal index could view session cookies and response bodies that contain sensitive data...

7.5CVSS5.8AI score0.00485EPSS
Exploits0References2Affected Software2
Cvelist
Cvelistadded 2026/05/20 4:32 p.m.47 views

CVE-2026-20239 Sensitive Information Disclosure through Log Files in Splunk Enterprise

In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, and 10.0.2503.13, a user with a role that has access to the internal index could view session cookies and response bodies that contain sensitive data...

7.5CVSS0.00485EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/20 4:32 p.m.14 views

EUVD-2026-31139

In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, and 10.0.2503.13, a user with a role that has access to the internal index could view session cookies and response bodies that contain sensitive data...

7.5CVSS5.8AI score0.00485EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/20 4:32 p.m.11 views

EUVD-2026-31138

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, a low-privileged user that does not hold the ‘admin’ or ‘power’ Splunk roles could cause a Denial ...

6.5CVSS5.9AI score0.00383EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/20 4:32 p.m.6 views

CVE-2026-20240 Denial of Service through coldToFrozen.sh Script in Splunk Enterprise

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, a low-privileged user that does not hold the ‘admin’ or ‘power’ Splunk roles could cause a Denial ...

6.5CVSS5.9AI score0.00383EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/20 4:32 p.m.8 views

CVE-2026-20240

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, a low-privileged user that does not hold the ‘admin’ or ‘power’ Splunk roles could cause a Denial ...

6.5CVSS5.9AI score0.00383EPSS
Exploits0References2Affected Software2
CVE
CVEadded 2026/05/20 4:32 p.m.16 views

CVE-2026-20240

CVE-2026-20240 affects Splunk Enterprise (versions below 10.2.2, 10.0.5, 9.4.11, 9.3.12) and Splunk Cloud Platform (below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, 9.3.2411.129). A low-privilege user (not admin/power) can trigger a Denial of Service by abusing the coldTo...

6.5CVSS5.9AI score0.00383EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/05/20 4:32 p.m.45 views

CVE-2026-20240 Denial of Service through coldToFrozen.sh Script in Splunk Enterprise

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, a low-privileged user that does not hold the ‘admin’ or ‘power’ Splunk roles could cause a Denial ...

6.5CVSS0.00383EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2026/05/20 4:15 a.m.62 views

SOC-Alert-Investigation-Portfolio

SOC Alert Investigation Portfolio This repository contains pr...

5.9AI score
Exploits0
Positive Technologies
Positive Technologiesadded 2026/05/20 12:0 a.m.6 views

PT-2026-42212

In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, and 10.0.2503.13, a user with a role that has access to the internal index could view session cookies and response bodies that contain sensitive data...

7.5CVSS5.8AI score0.00485EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/20 12:0 a.m.8 views

PT-2026-42213

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.2 Splunk Enterprise versions prior to 10.0.5 Splunk Enterprise versions prior to 9.4.11 Splunk Enterprise versions prior to 9.3.12 Splunk Cloud Platform versions prior to 10.4.2603.1 Splunk Cloud Platfo...

6.5CVSS5.9AI score0.00383EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/05/20 12:0 a.m.8 views

PT-2026-42211

In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin' or 'power' roles could access confidential data that was restricted through srchFilter configurations on custom roles.The app contains an authorize.conf configuration file with a srchFilter entry that...

6.5CVSS5.8AI score0.00309EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/05/20 12:0 a.m.8 views

Splunk Cloud Platform和Splunk Enterprise 日志信息泄露漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Versions of Splunk Enterprise prior t...

7.5CVSS5.8AI score0.00485EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/05/20 12:0 a.m.9 views

Splunk Cloud Platform和Splunk Enterprise 输入验证错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an input validation...

6.5CVSS5.8AI score0.00383EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/05/20 12:0 a.m.8 views

Splunk Enterprise 10.0.0 < 10.0.5, 10.2.0 < 10.2.2 (SVD-2026-0503)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0503 advisory. - In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11,...

7.5CVSS5.8AI score0.00485EPSS
Exploits0References2
Rows per page
Query Builder