Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Splunk — Vulnerabilities & Security Advisories 155

Browse all 155 CVE security advisories affecting Splunk. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Splunk operates primarily as a data analytics platform designed for searching, monitoring, and analyzing machine-generated big data via a web interface. Its architecture, which integrates complex data ingestion pipelines with extensive third-party app ecosystems, has historically exposed it to diverse vulnerability classes. Recorded Common Vulnerabilities and Exposures (CVEs) frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation or insecure default configurations in its web components. While no single catastrophic breach defines its history, the sheer volume of disclosed flaws highlights systemic risks in its expansive feature set. Security practitioners must rigorously patch these instances, as the platform’s central role in enterprise observability makes unmitigated vulnerabilities particularly impactful. The current count of 155 CVEs underscores the necessity for continuous configuration auditing and strict access controls to maintain integrity within organizations relying on this infrastructure.

Top products by Splunk: Splunk Enterprise Splunk Add-on Builder Splunk App for Lookup File Editing Splunk Enterprise Security (ES) Splunk MCP Server Splunk App for Stream Splunk SOAR (On-premises) Splunk ITSI Splunk App for SOAR Splunk Supporting Add-on for Active Directory Splunk/UniversalForwarder for Windows Splunk Add-on for Palo Alto Networks
CVE IDTitleCVSSSeverityPublished
CVE-2026-20205 Sensitive Information Disclosure in ''_internal'' index in Splunk MCP Server app — Splunk MCP ServerCWE-532 7.2 High2026-04-15
CVE-2026-20203 Improper Access Control in Data Model Acceleration in Splunk Enterprise — Splunk EnterpriseCWE-284 4.3 Medium2026-04-15
CVE-2026-20204 Improper Handling and Insufficient Isolation of Specific Temporary Files in Splunk Enterprise — Splunk EnterpriseCWE-377 7.1 High2026-04-15
CVE-2026-20202 Improper Input Validation during User Account Creation in Splunk Enterprise — Splunk EnterpriseCWE-176 6.6 Medium2026-04-15
CVE-2026-20163 Remote Command Execution (RCE) through the '/splunkd/__upload/indexing/preview' REST endpoint in Splunk Enterprise — Splunk EnterpriseCWE-77 8.0 High2026-03-11
CVE-2026-20162 Stored Cross-Site Scripting (XSS) through Path Traversal in Splunk Enterprise — Splunk EnterpriseCWE-79 6.3 Medium2026-03-11
CVE-2026-20166 Sensitive Information Disclosure in Discover Splunk Observability Cloud app for Splunk Enterprise — Splunk EnterpriseCWE-200 5.4 Medium2026-03-11
CVE-2026-20164 Sensitive Information Disclosure through Improper Access Control in Splunk Enterprise — Splunk EnterpriseCWE-200 6.5 Medium2026-03-11
CVE-2026-20165 Sensitive Information Disclosure in MongoClient logging channel in Splunk Enterprise — Splunk EnterpriseCWE-532 6.3 Medium2026-03-11
CVE-2026-20142 Sensitive Information Disclosure in "_internal" index in Splunk Enterprise — Splunk EnterpriseCWE-532 6.8 Medium2026-02-18
CVE-2026-20138 Sensitive Information Disclosure in "_internal" index in Splunk Enterprise — Splunk EnterpriseCWE-532 6.8 Medium2026-02-18
CVE-2026-20139 Client-Side Denial of Service (DoS) through ''/splunkd/__raw/services/authentication/users/username'' REST API endpoint in Splunk Enterprise — Splunk EnterpriseCWE-400 4.3 Medium2026-02-18
CVE-2026-20144 Sensitive Information Disclosure in ''_internal'' index in Splunk Enterprise — Splunk EnterpriseCWE-532 6.8 Medium2026-02-18
CVE-2026-20141 Improper Access Control in Splunk Monitoring Console App — Splunk EnterpriseCWE-200 4.3 Medium2026-02-18
CVE-2026-20137 Risky Commands Safeguards Bypass through preloaded Data Models due to Path Traversal vulnerability in Splunk Enterprise — Splunk EnterpriseCWE-200 3.5 Low2026-02-18
CVE-2025-20388 Blind Server Side Request Forgery (SSRF) through Distributed Search Peers in Splunk Enterprise — Splunk EnterpriseCWE-918 2.7 Low2025-12-03
CVE-2025-20389 Improper Input Validation in "label" column field in Splunk Secure Gateway App — Splunk EnterpriseCWE-20 4.3 Medium2025-12-03
CVE-2025-20387 Incorrect permissions assignment on Splunk Universal Forwarder for Windows during new installation or upgrade — Splunk EnterpriseCWE-732 8.0 High2025-12-03
CVE-2025-20383 Improper access control through push notifications for reports and alerts in Splunk Secure Gateway app — Splunk EnterpriseCWE-200 4.3 Medium2025-12-03
CVE-2025-20384 Unauthenticated Log Injection in Splunk Enterprise — Splunk EnterpriseCWE-117 5.3 Medium2025-12-03
CVE-2025-20386 Incorrect permission assignment on Splunk Enterprise for Windows during new installation or upgrade — Splunk EnterpriseCWE-732 8.0 High2025-12-03
CVE-2025-20385 Stored Cross-Site scripting (XSS) through Anchor Tag "href" in Navigation Bar Collections in Splunk Enterprise — Splunk EnterpriseCWE-79 2.4 Low2025-12-03
CVE-2025-20381 SPL commands allowlist controls bypass in Splunk MCP Server app through "run_splunk_query" MCP tool — Splunk MCP ServerCWE-863 5.4 Medium2025-12-03
CVE-2025-20382 URL validation bypass through Views Dashboard in Splunk Enterprise — Splunk EnterpriseCWE-601 3.5 Low2025-12-03
CVE-2025-20373 Sensitive Information Disclosure in “_internal“ index through Splunk Add-On for Palo Alto Networks — Splunk Add-on for Palo Alto NetworksCWE-532 2.7 Low2025-11-26
CVE-2025-20379 Risky command safeguards bypass using the “/services/streams/search“ REST endpoint through “q“ parameter in Splunk Enterprise — Splunk EnterpriseCWE-200 3.5 Low2025-11-12
CVE-2025-20378 Open Redirect on Web Login endpoint in Splunk Enterprise — Splunk EnterpriseCWE-601 3.1 Low2025-11-12
CVE-2025-20368 Stored Cross-Site Scripting (XSS) through missing field warning messages in Saved Search and Job Inspector on Splunk Enterprise — Splunk EnterpriseCWE-79 5.7 Medium2025-10-01
CVE-2025-20371 Unauthenticated Blind Server Side Request Forgery (SSRF) in Splunk Enterprise — Splunk EnterpriseCWE-918 7.5 High2025-10-01
CVE-2025-20367 Reflected Cross-site Scripting (XSS) in '/app/search/table' endpoint through the 'dataset.command' parameter on Splunk Enterprise — Splunk EnterpriseCWE-79 5.7 Medium2025-10-01

This page lists every published CVE security advisory associated with Splunk. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.