20783 matches found
CVE-2026-20254 Information Disclosure through External Content Restriction Bypass in Splunk Enterprise
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious classic dashboard that...
CVE-2026-20254
The affected products are Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132. A low-privileged user (not admin/power) can craft a malicious classic dashboard that exfiltrates sens...
CVE-2026-20256
Splunk Enterprise (versions < 10.2.4, 10.0.7, 9.4.12, 9.3.13) and Splunk Cloud Platform (versions
EUVD-2026-36080
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could cause data exfiltration through classic...
CVE-2026-20256 Improper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk Enterprise
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could cause data exfiltration through classic...
Splunk Cloud Platform和Splunk Enterprise 输入验证错误漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an input validation...
PT-2026-48495
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious classic dashboard that...
PT-2026-48494
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious classic dashboard that...
PT-2026-48491
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.4 Splunk Enterprise versions prior to 10.0.7 Splunk Enterprise versions prior to 9.4.12 Splunk Enterprise versions prior to 9.3.13 Splunk Cloud Platform versions prior to 10.3.2512.12 Splunk Cloud...
PT-2026-48493
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.0.7 Splunk Enterprise versions prior to 10.2.4 Splunk Cloud Platform versions prior to 10.2.2510.14 Splunk Cloud Platform versions prior to 10.4.2604.3 Description An unauthenticated user can create or...
PT-2026-48499
🚨 CVE-2026-20259 In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.0, 10.3.2512.12, 10.2.2510.15, 10.1.2507.23, 10.0.2503.14, and 9.3.2411.131, a user who holds a Splunk role that contains the high-privilege capability edit saved search owne...
PT-2026-48498
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.11, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could store a malicious script in a classic...
Splunk Cloud Platform和Splunk Enterprise 访问控制错误漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Vulnerabilities in access control...
PT-2026-48497
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrate...
Splunk Cloud Platform和Splunk Enterprise 输入验证错误漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an input validation...
Splunk Cloud Platform和Splunk Enterprise 跨站脚本漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Both Splunk Cloud Platform and Splunk...
Splunk Enterprise 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0609)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0609 advisory. - In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.0, 10.3.2512.12,...
Splunk Enterprise 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0603)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0603 advisory. - In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14,...
Splunk SOAR 安全漏洞
Splunk SOAR is a security orchestration, automation, and response platform provided by Splunk Inc. Versions of Splunk SOAR prior to 8.5.0 contained a security vulnerability. This vulnerability stemmed from SOAR failing to strip control characters from the HTTP request path before writing...
PT-2026-48492
🚨 CVE-2026-20252 In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could send...