Splunk — Vulnerabilities & Security Advisories 170

Browse all 170 CVE security advisories affecting Splunk. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Splunk operates primarily as a data analytics platform designed for searching, monitoring, and analyzing machine-generated big data via a web interface. Its architecture, which integrates complex data ingestion pipelines with extensive third-party app ecosystems, has historically exposed it to diverse vulnerability classes. Recorded Common Vulnerabilities and Exposures (CVEs) frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation or insecure default configurations in its web components. While no single catastrophic breach defines its history, the sheer volume of disclosed flaws highlights systemic risks in its expansive feature set. Security practitioners must rigorously patch these instances, as the platform’s central role in enterprise observability makes unmitigated vulnerabilities particularly impactful. The current count of 155 CVEs underscores the necessity for continuous configuration auditing and strict access controls to maintain integrity within organizations relying on this infrastructure.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2026-20266 | OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit — Splunk AI Toolkit (CWE-78) | 9.1 | Critical | 2026-06-17 |
| CVE-2026-20265 | Insecure Default Domain Allowlist in Splunk AI Toolkit — Splunk AI Toolkit (CWE-1188) | 4.3 | Medium | 2026-06-17 |
| CVE-2026-20258 | Stored Cross-Site Scripting (XSS) through Classic Dashboard in Splunk Enterprise — Splunk Enterprise (CWE-79) | 7.1 | High | 2026-06-10 |
| CVE-2026-20260 | Log Injection through HTTP Request Paths in Splunk SOAR — Splunk SOAR (CWE-117) | 4.3 | Medium | 2026-06-10 |
| CVE-2026-20253 | Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise — Splunk Enterprise (CWE-306) | 9.8 | Critical | 2026-06-10 |
| CVE-2026-20252 | Server-Side Request Forgery (SSRF) through Dashboard Studio PDF Export in Splunk Enterprise — Splunk Enterprise (CWE-918) | 7.6 | High | 2026-06-10 |
| CVE-2026-20257 | Improper Input Validation through Classic Dashboard CSS in Splunk Enterprise — Splunk Enterprise (CWE-20) | 5.7 | Medium | 2026-06-10 |
| CVE-2026-20259 | Improper Access Control in Splunk Enterprise — Splunk Enterprise (CWE-284) | 5.5 | Medium | 2026-06-10 |
| CVE-2026-20255 | Improper Input Validation through Classic Dashboards in Splunk Enterprise — Splunk Enterprise (CWE-20) | 5.7 | Medium | 2026-06-10 |
| CVE-2026-20251 | Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway — Splunk Enterprise (CWE-502) | 8.8 | High | 2026-06-10 |
| CVE-2026-20254 | Information Disclosure through External Content Restriction Bypass in Splunk Enterprise — Splunk Enterprise (CWE-20) | 5.7 | Medium | 2026-06-10 |
| CVE-2026-20256 | Improper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk Enterprise — Splunk Enterprise (CWE-20) | 5.7 | Medium | 2026-06-10 |
| CVE-2026-20238 | Improper Access Control through Role Inheritance in Splunk AI Toolkit app — Splunk AI Toolkit (CWE-863) | 6.5 | Medium | 2026-05-20 |
| CVE-2026-20239 | Sensitive Information Disclosure through Log Files in Splunk Enterprise — Splunk Enterprise (CWE-532) | 7.5 | High | 2026-05-20 |
| CVE-2026-20240 | Denial of Service through coldToFrozen.sh Script in Splunk Enterprise — Splunk Enterprise (CWE-20) | 7.1 | Medium | 2026-05-20 |
| CVE-2026-20205 | Sensitive Information Disclosure in '_internal' index in Splunk MCP Server app — Splunk MCP Server (CWE-532) | 7.2 | High | 2026-04-15 |
| CVE-2026-20203 | Improper Access Control in Data Model Acceleration in Splunk Enterprise — Splunk Enterprise (CWE-284) | 4.3 | Medium | 2026-04-15 |
| CVE-2026-20204 | Improper Handling and Insufficient Isolation of Specific Temporary Files in Splunk Enterprise — Splunk Enterprise (CWE-377) | 7.1 | High | 2026-04-15 |
| CVE-2026-20202 | Improper Input Validation during User Account Creation in Splunk Enterprise — Splunk Enterprise (CWE-176) | 6.6 | Medium | 2026-04-15 |
| CVE-2026-20163 | Remote Command Execution (RCE) through the '/splunkd/__upload/indexing/preview' REST endpoint in Splunk Enterprise — Splunk Enterprise (CWE-77) | 8.0 | High | 2026-03-11 |
| CVE-2026-20162 | Stored Cross-Site Scripting (XSS) through Path Traversal in Splunk Enterprise — Splunk Enterprise (CWE-79) | 6.3 | Medium | 2026-03-11 |
| CVE-2026-20166 | Sensitive Information Disclosure in Discover Splunk Observability Cloud app for Splunk Enterprise — Splunk Enterprise (CWE-200) | 5.4 | Medium | 2026-03-11 |
| CVE-2026-20164 | Sensitive Information Disclosure through Improper Access Control in Splunk Enterprise — Splunk Enterprise (CWE-200) | 6.5 | Medium | 2026-03-11 |
| CVE-2026-20165 | Sensitive Information Disclosure in MongoClient logging channel in Splunk Enterprise — Splunk Enterprise (CWE-532) | 6.3 | Medium | 2026-03-11 |
| CVE-2026-20142 | Sensitive Information Disclosure in "_internal" index in Splunk Enterprise — Splunk Enterprise (CWE-532) | 6.8 | Medium | 2026-02-18 |
| CVE-2026-20138 | Sensitive Information Disclosure in "_internal" index in Splunk Enterprise — Splunk Enterprise (CWE-532) | 6.8 | Medium | 2026-02-18 |
| CVE-2026-20139 | Client-Side Denial of Service (DoS) through '/splunkd/__raw/services/authentication/users/username' REST API endpoint in Splunk Enterprise — Splunk Enterprise (CWE-400) | 4.3 | Medium | 2026-02-18 |
| CVE-2026-20144 | Sensitive Information Disclosure in '_internal' index in Splunk Enterprise — Splunk Enterprise (CWE-532) | 6.8 | Medium | 2026-02-18 |
| CVE-2026-20141 | Improper Access Control in Splunk Monitoring Console App — Splunk Enterprise (CWE-200) | 4.3 | Medium | 2026-02-18 |
| CVE-2026-20137 | Risky Commands Safeguards Bypass through preloaded Data Models due to Path Traversal vulnerability in Splunk Enterprise — Splunk Enterprise (CWE-200) | 3.5 | Low | 2026-02-18 |

This page lists every published CVE security advisory associated with Splunk. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.