Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20783 matches found

NVD
NVDadded 2026/04/15 4:16 p.m.3 views

CVE-2026-20202

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a user who holds a role that contains the high-privilege capability editusercould create a special...

6.6CVSS0.00246EPSS
Exploits0References1
NVD
NVDadded 2026/04/15 4:16 p.m.0 views

CVE-2026-20204

In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.5, 10.2.2510.9, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the admin or power Splunk roles could potentially perform ...

7.1CVSS0.03282EPSS
Exploits0References1
NVD
NVDadded 2026/04/15 4:16 p.m.2 views

CVE-2026-20205

In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk internal index or possesses the high-privilege capability mcptooladmin could view users session and authorization tokens in clear text.The vulnerability would require either local access to the log...

7.2CVSS0.00278EPSS
Exploits0References1
NVD
NVDadded 2026/04/15 4:16 p.m.5 views

CVE-2026-20203

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the admin or power Splunk roles, has write permission on...

4.3CVSS0.00152EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/15 3:17 p.m.23 views

CVE-2026-20205 Sensitive Information Disclosure in ''_internal'' index in Splunk MCP Server app

In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk internal index or possesses the high-privilege capability mcptooladmin could view users session and authorization tokens in clear text.The vulnerability would require either local access to the log...

7.2CVSS0.00278EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/15 3:17 p.m.2 views

CVE-2026-20205

In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk internal index or possesses the high-privilege capability mcptooladmin could view users session and authorization tokens in clear text. The vulnerability would require either local access to the log...

7.2CVSS5.8AI score0.00278EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/15 3:17 p.m.0 views

CVE-2026-20205 Sensitive Information Disclosure in ''_internal'' index in Splunk MCP Server app

In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk internal index or possesses the high-privilege capability mcptooladmin could view users session and authorization tokens in clear text.The vulnerability would require either local access to the log...

7.2CVSS5.8AI score0.00278EPSS
Exploits0References1
CVE
CVEadded 2026/04/15 3:17 p.m.12 views

CVE-2026-20205

Summary: CVE-2026-20205 affects Splunk MCP Server app versions below 1.0.3. A user with access to the Splunk _internal index** or with the high-privilege capability mcp_tool_admin can view users’ sessions and authorization tokens in clear text. The vulnerability requires either local access to lo...

7.2CVSS5.8AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/15 3:17 p.m.23 views

CVE-2026-20203 Improper Access Control in Data Model Acceleration in Splunk Enterprise

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the admin or power Splunk roles, has write permission on...

4.3CVSS0.00152EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/15 3:17 p.m.1 views

CVE-2026-20203 Improper Access Control in Data Model Acceleration in Splunk Enterprise

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the admin or power Splunk roles, has write permission on...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
CVE
CVEadded 2026/04/15 3:17 p.m.9 views

CVE-2026-20203

CVE-2026-20203 describes improper access control in Data Model Acceleration for Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127. A low-privilege user ...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/04/15 3:17 p.m.26 views

CVE-2026-20204 Improper Handling and Insufficient Isolation of Specific Temporary Files in Splunk Enterprise

In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.5, 10.2.2510.9, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the admin or power Splunk roles could potentially perform ...

7.1CVSS0.03282EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/15 3:17 p.m.3 views

CVE-2026-20204

In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.5, 10.2.2510.9, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the admin or power Splunk roles could potentially perform ...

7.1CVSS5.9AI score0.03282EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichmentadded 2026/04/15 3:17 p.m.2 views

CVE-2026-20204 Improper Handling and Insufficient Isolation of Specific Temporary Files in Splunk Enterprise

In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.5, 10.2.2510.9, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the admin or power Splunk roles could potentially perform ...

7.1CVSS5.9AI score0.03282EPSS
Exploits0References1
CVE
CVEadded 2026/04/15 3:17 p.m.69 views

CVE-2026-20204

Splunk CVE-2026-20204 affects Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.5, 10.2.2510.9, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127. The issue is described as improper handling and insufficient isolation o...

7.1CVSS5.9AI score0.03282EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2026/04/15 3:17 p.m.12 views

CVE-2026-20202

The CVE-2026-20202 entry concerns Splunk Enterprise (versions < 10.2.2, < 10.0.5, < 9.4.10, < 9.3.11) and Splunk Cloud Platform (versions < 10.4.2603.0, < 10.3.2512.6, < 10.2.2510.10, < 10.1.2507.20, < 10.0.2503.13,

6.6CVSS5.8AI score0.00246EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/04/15 3:17 p.m.25 views

CVE-2026-20202 Improper Input Validation during User Account Creation in Splunk Enterprise

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a user who holds a role that contains the high-privilege capability editusercould create a special...

6.6CVSS0.00246EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/15 3:17 p.m.2 views

CVE-2026-20202 Improper Input Validation during User Account Creation in Splunk Enterprise

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a user who holds a role that contains the high-privilege capability editusercould create a special...

6.6CVSS5.8AI score0.00246EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/15 3:17 p.m.4 views

CVE-2026-20202

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a user who holds a role that contains the high-privilege capability editusercould create a special...

6.6CVSS5.8AI score0.00246EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologiesadded 2026/04/15 12:0 a.m.3 views

PT-2026-33067

Name of the Vulnerable Software and Affected Versions Splunk MCP Server app versions prior to 1.0.3 Description A user with a role that has access to the Splunk internal index or the high-privilege capability mcp tool admin can view user session and authorization tokens in clear text. This issue...

7.2CVSS6AI score0.00278EPSS
Exploits0References4
Rows per page
Query Builder