The Hacker News

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk issued security updates for a critical CVSS 9.8 vulnerability in Splunk Enterprise that allows unauthenticated remote ...

Splunk Enterprise: Attacks on Code Smuggling Vulnerability

Splunk warns that malicious actors are attacking a critical code smuggling vulnerability in Splunk Enterprise. Updates are ...
latesthackingnews.com

How CVE-2026-20253 Turns Splunk’s PostgreSQL Sidecar Into an Open Door

CVE-2026-20253 is a CVSS 9.8 pre-auth flaw in Splunk Enterprise's PostgreSQL sidecar service. An unauthenticated attacker can ...
HealthcareInfoSecurity

Critical Splunk Vulnerability Actively Exploited

A disclosed Splunk Enterprise vulnerability, CVE-2026-20253, is under active exploitation and can be chained into ...
SecurityWeek

Atlassian, Splunk Patch Critical Vulnerabilities

Atlassian and Splunk have released patches for critical vulnerabilities, including dozens of flaws in third-party ...