wid-sec-w-2026-1877 · Published 2026-06-14 · View on BSI CERT-Bund ↗

Splunk Enterprise: Multiple Vulnerabilities

CVSS N/A NONE CISA KEV — Known Exploited

Risk Summary

Ein Angreifer kann mehrere Schwachstellen in Splunk Enterprise ausnutzen, um beliebigen Code auszuführen, Cross-Site-Scripting-Angriffe durchzuführen, Daten zu manipulieren, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.

CVEs (9)

CVE-2026-20251 CVE-2026-20252 CVE-2026-20254 CVE-2026-20255 CVE-2026-20256 CVE-2026-20257 CVE-2026-20258 CVE-2026-20259 CVE-2026-20253

Affected Vendors

Splunk

Affected Products (10)

Splunk · Splunk Enterprise <10.4.0

Splunk · Splunk Enterprise 10.4.0

Splunk · Splunk Enterprise <10.2.4

Splunk · Splunk Enterprise 10.2.4

Splunk · Splunk Enterprise <10.0.7

Splunk · Splunk Enterprise 10.0.7

Splunk · Splunk Enterprise <9.4.12

Splunk · Splunk Enterprise 9.4.12

Splunk · Splunk Enterprise <9.3.13

Splunk · Splunk Enterprise 9.3.13

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more