CVE-2025-20231

Affected software: Splunk Enterprise (versions below 9.4.1, 9.3.3, 9.2.5, 9.1.8) and Splunk Secure Gateway app (Splunk Cloud Platform) below 3.8.38 and 3.7.23. Description: a low-privileged user without admin/power roles can perform a search using the permissions of a higher-privileged user, risk...

CVE-2025-20230

Summary of CVE-2025-20230 : In Splunk Enterprise, affected versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and in Splunk Cloud Platform’s Splunk Secure Gateway app below 3.8.38 and 3.7.23, a low-privileged user without admin/power roles could edit and delete other users’ data in App KVStore collec...

CVE-2026-20251

CVE-2026-20251 affects Splunk Enterprise (versions below 10.2.4/10.0.7/9.4.12/9.3.13), Splunk Cloud Platform (below 10.3.2512.12/10.2.2510.14/10.1.2507.22/9.3.2411.132), and Splunk Secure Gateway (below 3.10.6/3.9.20/3.8.67). A low-privileged user (not admin/power) can achieve Remote Code Executi...

CVE-2025-20383

CVE-2025-20383 affects Splunk Enterprise (below 10.0.2 and older 9.x branches) and the Splunk Secure Gateway app (below 3.7.28/3.8.58/3.9.10) in Splunk Cloud Platform. A low-privilege user with mobile push notifications enabled can see the title and description of reports/alerts they are not auth...

CVE-2025-20389

CVE-2025-20389 affects Splunk Enterprise and the Splunk Secure Gateway app. A low-privilege user (not admin/power) can craft a malicious payload via the label column after adding a new device in Splunk Secure Gateway, potentially causing a client-side DoS. Affected versions: Splunk Enterprise &lt...