Lucene search
K

20788 matches found

CVE
CVE
added 2026/06/10 5:16 p.m.27 views

CVE-2026-20255

The CVE-2026-20255 issue affects Splunk Enterprise (versions below 10.2.4, 10.0.7, 9.4.12, 9.3.13) and Splunk Cloud Platform (below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, 9.3.2411.132). A low-privilege user can craft a malicious classic dashboard to exfiltrate sensitive data to an external ser...

5.7CVSS5.5AI score0.00245EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/10 5:16 p.m.60 views

CVE-2026-20251

CVE-2026-20251 affects Splunk Enterprise (versions below 10.2.4/10.0.7/9.4.12/9.3.13), Splunk Cloud Platform (below 10.3.2512.12/10.2.2510.14/10.1.2507.22/9.3.2411.132), and Splunk Secure Gateway (below 3.10.6/3.9.20/3.8.67). A low-privileged user (not admin/power) can achieve Remote Code Executi...

8.8CVSS5.8AI score0.00575EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/10 5:16 p.m.32 views

CVE-2026-20251 Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, and Splunk Secure Gateway versions below 3.10.6, 3.9.20, and 3.8.67, a low-privileged user that does not hold the 'admin' or...

8.8CVSS0.00575EPSS
Exploits1References1
CVE
CVE
added 2026/06/10 5:15 p.m.19 views

CVE-2026-20254

The affected products are Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132. A low-privileged user (not admin/power) can craft a malicious classic dashboard that exfiltrates sens...

5.7CVSS5.5AI score0.00247EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/10 5:15 p.m.8 views

CVE-2026-20254 Information Disclosure through External Content Restriction Bypass in Splunk Enterprise

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious classic dashboard that...

5.7CVSS5.2AI score0.00247EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 5:15 p.m.10 views

EUVD-2026-36081

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious classic dashboard that...

5.7CVSS5.5AI score0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 5:15 p.m.27 views

CVE-2026-20254 Information Disclosure through External Content Restriction Bypass in Splunk Enterprise

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious classic dashboard that...

5.7CVSS0.00247EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 5:15 p.m.11 views

EUVD-2026-36080

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could cause data exfiltration through classic...

5.7CVSS5.4AI score0.00252EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 5:15 p.m.28 views

CVE-2026-20256 Improper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk Enterprise

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could cause data exfiltration through classic...

5.7CVSS0.00252EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 5:15 p.m.15 views

CVE-2026-20256

Splunk Enterprise (versions < 10.2.4, 10.0.7, 9.4.12, 9.3.13) and Splunk Cloud Platform (versions

5.7CVSS5.4AI score0.00252EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48497

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrate...

5.7CVSS5.4AI score0.00198EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48491

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.4 Splunk Enterprise versions prior to 10.0.7 Splunk Enterprise versions prior to 9.4.12 Splunk Enterprise versions prior to 9.3.13 Splunk Cloud Platform versions prior to 10.3.2512.12 Splunk Cloud...

8.8CVSS5.9AI score0.00575EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48498

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.11, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could store a malicious script in a classic...

7.1CVSS5.7AI score0.00174EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.14 views

Splunk Enterprise 输入验证错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an input validation...

5.7CVSS5.9AI score0.00198EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.16 views

Splunk Enterprise 跨站脚本漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Both Splunk Cloud Platform and Splunk...

7.1CVSS5.8AI score0.00174EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.12 views

Splunk SOAR 安全漏洞

Splunk SOAR is a security orchestration, automation, and response platform provided by Splunk Inc. Versions of Splunk SOAR prior to 8.5.0 contained a security vulnerability. This vulnerability stemmed from SOAR failing to strip control characters from the HTTP request path before writing...

4.3CVSS5.3AI score0.00199EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.13 views

Splunk Enterprise 输入验证错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an input validation...

5.7CVSS5.9AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.12 views

Splunk Enterprise 输入验证错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an input validation...

5.7CVSS5.8AI score0.00252EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.14 views

Splunk Enterprise 输入验证错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an input validation...

5.7CVSS5.9AI score0.00247EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.10 views

Splunk Enterprise 服务端请求伪造漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There are code vulnerabilities in...

7.6CVSS6AI score0.00255EPSS
Exploits0References1
Rows per page
Query Builder