splunk

272 tracked vulnerabilities.

CVE-2026-20240 MEDIUM
Denial of Service through coldToFrozen.sh Script in Splunk Enterprise
May 20, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-20239 HIGH
Sensitive Information Disclosure through Log Files in Splunk Enterprise
May 20, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-20238 MEDIUM
Improper Access Control through Role Inheritance in Splunk AI Toolkit app
May 20, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-20205 HIGH
Sensitive Information Disclosure in ''_internal'' index in Splunk MCP Server app
Apr 15, 2026
CVSS 7.2
EPSS 0.00
CVE-2026-20204 HIGH
Improper Handling and Insufficient Isolation of Specific Temporary Files in Splunk Enterprise
Apr 15, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-20203 MEDIUM
Improper Access Control in Data Model Acceleration in Splunk Enterprise
Apr 15, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-20202 MEDIUM
Improper Input Validation during User Account Creation in Splunk Enterprise
Apr 15, 2026
CVSS 6.6
EPSS 0.00
CVE-2026-20166 MEDIUM
Splunk Enterprise <10.2.1 - Info Disclosure
Mar 11, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-20165 MEDIUM
Splunk Enterprise/Cloud - Info Disclosure
Mar 11, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-20164 MEDIUM
Splunk Enterprise <10.2.0 - Info Disclosure
Mar 11, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-20163 HIGH
Splunk Enterprise <10.2.0 - Command Injection
Mar 11, 2026
CVSS 7.2
EPSS 0.00
CVE-2026-20162 MEDIUM
Splunk Enterprise <10.2.0 - Stored XSS
Mar 11, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-20144 MEDIUM
Splunk Enterprise <10.2.0 - Info Disclosure
Feb 18, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-20142 MEDIUM
Splunk Enterprise <10.2.0 - Info Disclosure
Feb 18, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-20141 MEDIUM
Splunk Enterprise <10.0.2/10.0.3/9.4.8/9.3.9 - Info Disclosure
Feb 18, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-20139 MEDIUM
Splunk Enterprise <10.2.0 - DoS
Feb 18, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-20138 MEDIUM
Splunk Enterprise <10.2.0 - Info Disclosure
Feb 18, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-20137 LOW
Splunk Enterprise <10.2.0 - Path Traversal
Feb 18, 2026
CVSS 3.5
EPSS 0.00
CVE-2025-20389 MEDIUM
Splunk Enterprise <10.0.2,9.4.6,9.3.8,9.2.10 - DoS
Dec 03, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-20388 LOW
Splunk <10.0.1-9.2.10 - Info Disclosure
Dec 03, 2025
CVSS 2.7
EPSS 0.00
CVE-2025-20387 HIGH
Splunk Universal Forwarder for Windows < 9.2.10 - Incorrect Permission Assignment for Critical Resource
Dec 03, 2025
CVSS 8.0
EPSS 0.00
CVE-2025-20386 HIGH
Splunk Enterprise <10.0.2-9.4.6-9.3.8-9.2.10 - Info Disclosure
Dec 03, 2025
CVSS 8.0
EPSS 0.00
CVE-2025-20385 LOW
Splunk <10.0.2, 9.4.6, 9.3.8, 9.2.10 - Code Injection
Dec 03, 2025
CVSS 2.4
EPSS 0.00
CVE-2025-20384 MEDIUM
Splunk <10.0.1-9.2.10 - Info Disclosure
Dec 03, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-20383 MEDIUM
Splunk Enterprise <10.0.2,9.4.6,9.3.8,9.2.10 - Info Disclosure
Dec 03, 2025
CVSS 4.3
EPSS 0.00
Products
splunk 192 splunk_cloud_platform 98 universal_forwarder 61 cloud 9 Splunk Enterprise 7 Splunk Cloud Platform 5 splunk_secure_gateway 4 add-on_builder 3 splunk_app_for_lookup_file_editing 3 Splunk MCP Server 2 Splunk Secure Gateway 2 enterprise_security 2 Splunk AI Toolkit 1 Splunk Add-on for Palo Alto Networks 1 Splunk App for SOAR 1 Splunk Supporting Add-on for Active Directory 1 cloudconnect_software_development_kit 1 hadoop_connect 1 it_service_intelligence 1 nozzle 1 soar 1 software_development_kit 1 splunk_app_for_stream 1
Quick Filters
Critical CVEs With Exploits In CISA KEV