CVE-2026-20144

CVE-2026-20144 affects Splunk Enterprise (and Cloud Platform variants) where a user with access to the _internal index on a Search Head Cluster could view SAML configurations (AQRs or Authentication extensions) in plain text in the conf.log. Affected are Splunk Enterprise versions below 10.2.0, 1...

CVE-2026-20144 Sensitive Information Disclosure in ''_internal'' index in Splunk Enterprise

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the the Splunk internal index coul...

CVE-2026-20144 Sensitive Information Disclosure in ''_internal'' index in Splunk Enterprise

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the the Splunk internal index coul...

CVE-2026-20141

In Splunk Enterprise versions below 10.0.2, 10.0.3, 9.4.8, and 9.3.9, a low-privileged user who does not hold the "admin" Splunk role could access the Splunk Monitoring Console App endpoints due to an improper access control. This could lead to a sensitive information disclosure. The Monitoring...

CVE-2026-20141 Improper Access Control in Splunk Monitoring Console App

In Splunk Enterprise versions below 10.0.2, 10.0.3, 9.4.8, and 9.3.9, a low-privileged user who does not hold the "admin" Splunk role could access the Splunk Monitoring Console App endpoints due to an improper access control. This could lead to a sensitive information disclosure.The Monitoring...

CVE-2026-20141 Improper Access Control in Splunk Monitoring Console App

In Splunk Enterprise versions below 10.0.2, 10.0.3, 9.4.8, and 9.3.9, a low-privileged user who does not hold the "admin" Splunk role could access the Splunk Monitoring Console App endpoints due to an improper access control. This could lead to a sensitive information disclosure.The Monitoring...

CVE-2026-20141

The advisory for CVE-2026-20141 describes an improper access control in the Splunk Monitoring Console App affecting Splunk Enterprise versions below 10.0.2, 10.0.3, 9.4.8, and 9.3.9. A low-privilege user without the admin role could access Monitoring Console endpoints, leading to potential sensit...

CVE-2026-20137 Risky Commands Safeguards Bypass through preloaded Data Models due to Path Traversal vulnerability in Splunk Enterprise

In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.5, 9.3.7, and 9.2.9, and Splunk Cloud Platform versions below 10.1.2507.0, 10.0.2503.9, 9.3.2411.112, and 9.3.2408.122, a low-privileged user who does not hold the "admin" or "power" Splunk roles could bypass the SPL safeguards for risky...

CVE-2026-20137

CVE-2026-20137 affects Splunk Enterprise (multiple legacy branches) and Splunk Cloud Platform. A low-privilege user lacking admin/power roles can bypass SPL safeguards for risky commands when creating a Data Model containing an injected SPL query within an object, by exploiting a path traversal v...

CVE-2026-20137

In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.5, 9.3.7, and 9.2.9, and Splunk Cloud Platform versions below 10.1.2507.0, 10.0.2503.9, 9.3.2411.112, and 9.3.2408.122, a low-privileged user who does not hold the "admin" or "power" Splunk roles could bypass the SPL safeguards for risky...

CVE-2026-20137 Risky Commands Safeguards Bypass through preloaded Data Models due to Path Traversal vulnerability in Splunk Enterprise

In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.5, 9.3.7, and 9.2.9, and Splunk Cloud Platform versions below 10.1.2507.0, 10.0.2503.9, 9.3.2411.112, and 9.3.2408.122, a low-privileged user who does not hold the "admin" or "power" Splunk roles could bypass the SPL safeguards for risky...

Splunk Enterprise 安全漏洞

Splunk Enterprise is a data collection and analysis software developed by the American company Splunk. There is a security vulnerability in Splunk Enterprise, which stems from issues with the Windows Python module search path. This vulnerability may allow for the execution of malicious code...

Splunk Cloud Platform和Splunk Enterprise 信息泄露漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Both Splunk Cloud Platform and Splunk...

Splunk Enterprise 日志信息泄露漏洞

Splunk Enterprise is a data collection and analysis software developed by the American company Splunk. Versions of Splunk Enterprise prior to 10.2.0, 10.0.2 prior to version 10.0.2, 9.4.7 prior to version 9.4.7, 9.3.9 prior to version 9.3.9, and 9.2.11 prior to version 9.2.11 have a vulnerability...

Splunk Cloud Platform和Splunk Enterprise 资源管理错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is a resource management...

Splunk Enterprise 信息泄露漏洞

Splunk Enterprise is a data collection and analysis software developed by the American company Splunk. Versions of Splunk Enterprise prior to 10.0.2, 10.0.3, 9.4.8, and 9.3.9 contained an information leakage vulnerability. This vulnerability stemmed from improper access control; low-privilege use...

Splunk Enterprise 日志信息泄露漏洞

Splunk Enterprise is a data collection and analysis software developed by the American company Splunk. Versions of Splunk Enterprise prior to 10.2.0, 10.0.2 prior to version 10.0.2, 9.4.7 prior to version 9.4.7, 9.3.9 prior to version 9.3.9, and 9.2.11 prior to version 9.2.11 have a vulnerability...

Splunk Enterprise 9.3.0 < 9.3.9, 9.4.0 < 9.4.8, 10.0.0 < 10.0.3 (SVD-2026-0206)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0206 advisory. - In Splunk Enterprise versions below 10.0.2, 10.0.3, 9.4.8, and 9.3.9, a low-privileged user who does not hold the admin Splun...

PT-2026-20470

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.0 Splunk Enterprise versions 10.0.2 through 10.0.2 Splunk Enterprise versions 9.2.12 through 9.4.8 Splunk Enterprise versions 9.3.9 Splunk Cloud Platform versions prior to 10.2.2510.3 Splunk Cloud...

PT-2026-20472

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.0 Splunk Enterprise versions prior to 10.0.2 Splunk Enterprise versions prior to 9.4.7 Splunk Enterprise versions prior to 9.3.9 Splunk Enterprise versions prior to 9.2.11 Description A user with access...