The Hacker News

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk issued security updates for a critical CVSS 9.8 vulnerability in Splunk Enterprise that allows unauthenticated remote ...
latesthackingnews.com

How CVE-2026-20253 Turns Splunk’s PostgreSQL Sidecar Into an Open Door

CVE-2026-20253 is a CVSS 9.8 pre-auth flaw in Splunk Enterprise's PostgreSQL sidecar service. An unauthenticated attacker can ...
TechRepublic

New Splunk Windows Flaw Enables Privilege Escalation Attacks

Splunk for Windows has a high-severity flaw that lets local users escalate privileges through misconfigured file permissions. Learn how to fix it. A newly disclosed high-severity flaw in Splunk for ...