CVE-2026-20141

MEDIUM

Splunk Enterprise <10.0.2/10.0.3/9.4.8/9.3.9 - Info Disclosure

Title source: llm

Description

In Splunk Enterprise versions below 10.0.2, 10.0.3, 9.4.8, and 9.3.9, a low-privileged user who does not hold the "admin" Splunk role could access the Splunk Monitoring Console App endpoints due to an improper access control. This could lead to a sensitive information disclosure.<br><br>The Monitoring Console app is a bundled app that comes with Splunk Enterprise. It is not available for download on SplunkBase, and is not installed on Splunk Cloud Platform instances. This vulnerability does not affect [Cloud Monitoring Console](https://help.splunk.com/en/splunk-cloud-platform/administer/admin-manual/10.2.2510/monitor-your-splunk-cloud-platform-deployment/introduction-to-the-cloud-monitoring-console).

References (1)

[Various Sources] https://advisory.splunk.com/advisories/SVD-2026-0206

Scores

CVSS v3 4.3

EPSS 0.0005

EPSS Percentile 14.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (1)

splunk/splunk 9.3.0 - 9.3.9

Published Feb 18, 2026

Tracked Since Feb 18, 2026