20788 matches found
CVE-2026-20202 Improper Input Validation during User Account Creation in Splunk Enterprise
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a user who holds a role that contains the high-privilege capability editusercould create a special...
CVE-2026-20202
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a user who holds a role that contains the high-privilege capability editusercould create a special...
CVE-2026-20202
The CVE-2026-20202 entry concerns Splunk Enterprise (versions < 10.2.2, < 10.0.5, < 9.4.10, < 9.3.11) and Splunk Cloud Platform (versions < 10.4.2603.0, < 10.3.2512.6, < 10.2.2510.10, < 10.1.2507.20, < 10.0.2503.13,
CVE-2026-20202 Improper Input Validation during User Account Creation in Splunk Enterprise
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a user who holds a role that contains the high-privilege capability editusercould create a special...
PT-2026-33067
Name of the Vulnerable Software and Affected Versions Splunk MCP Server app versions prior to 1.0.3 Description A user with a role that has access to the Splunk internal index or the high-privilege capability mcp tool admin can view user session and authorization tokens in clear text. This issue...
PT-2026-33066
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.1 Splunk Enterprise versions prior to 10.0.5 Splunk Enterprise versions prior to 9.4.10 Splunk Enterprise versions prior to 9.3.11 Splunk Cloud Platform versions prior to 10.4.2603.0 Splunk Cloud Platfo...
PT-2026-33065
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the admin or power Splunk roles, has write permission on...
Splunk Cloud Platform和Splunk Enterprise 安全漏洞
Splunk Cloud Platform and Splunk Enterprise are products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Both Splunk Cloud Platform and Splunk...
Splunk MCP Server 安全漏洞
The Splunk MCP Server is a multi-cloud platform server provided by the American company Splunk. Versions of the Splunk MCP Server app prior to 1.0.3 contained security vulnerabilities. These vulnerabilities stemmed from the storage of plaintext sessions and authorization tokens, which could allow...
Splunk Cloud Platform和Splunk Enterprise 安全漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Both Splunk Cloud Platform and Splunk...
Splunk Cloud Platform和Splunk Enterprise 安全漏洞
Splunk Cloud Platform and Splunk Enterprise are products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Both Splunk Cloud Platform and Splunk...
Splunk Enterprise 9.3.0 < 9.3.11, 9.4.0 < 9.4.10, 10.0.0 < 10.0.5, 10.2.0 < 10.2.2 (SVD-2026-0402)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0402 advisory. - In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0,...
Splunk Enterprise 9.3.0 < 9.3.11, 9.4.0 < 9.4.10, 10.0.0 < 10.0.5, 10.2.0 < 10.2.2 (SVD-2026-0401)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0401 advisory. - In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0,...
Splunk Enterprise 9.3.0 < 9.3.11, 9.4.0 < 9.4.10, 10.0.0 < 10.0.5, 10.2.0 < 10.2.1 (SVD-2026-0403)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0403 advisory. - In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0,...
CVE-2026-20162
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.9, and Splunk Cloud Platform versions below 10.2.2510.4, 10.1.2507.15, 10.0.2503.11, and 9.3.2411.123, a low-privileged user who does not hold the "admin" or "power" Splunk roles could craft a malicious payload when creating a Vie...
CVE-2026-20166
In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, and 10.0.2503.12, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve the Observability Cloud API access token through the Discover...
CVE-2026-20164
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, 10.0.2503.11, and 9.3.2411.123, a low-privileged user that does not hold the "admin" or "power" Splunk roles could access the...
CVE-2026-20165
In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.2507.17, 10.0.2503.12, and 9.3.2411.124, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve sensitive information by inspectin...
CVE-2026-20163
In Splunk Enterprise versions below 10.2.0, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.0.2503.12, 10.1.2507.16, and 9.3.2411.124, a user who holds a role that contains the high-privilege capability editcmd could execute arbitrary shell commands using the...
Policy-Guided Threat Hunting: An LLM Enabled Framework with Splunk SOC Triage
With frequently evolving Advanced Persistent Threats APTs in cyberspace, traditional security solutions approaches have become inadequate for threat hunting for organizations. Moreover, SOC Security Operation Centers analysts are often overwhelmed and struggle to analyze the huge volume of logs...