The Hacker News

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk issued security updates for a critical CVSS 9.8 vulnerability in Splunk Enterprise that allows unauthenticated remote ...

Splunk Enterprise: Attacks on Code Smuggling Vulnerability

Splunk warns that malicious actors are attacking a critical code smuggling vulnerability in Splunk Enterprise. Updates are ...
latesthackingnews.com

How CVE-2026-20253 Turns Splunk’s PostgreSQL Sidecar Into an Open Door

CVE-2026-20253 is a CVSS 9.8 pre-auth flaw in Splunk Enterprise's PostgreSQL sidecar service. An unauthenticated attacker can ...
HealthcareInfoSecurity

Critical Splunk Vulnerability Actively Exploited

A disclosed Splunk Enterprise vulnerability, CVE-2026-20253, is under active exploitation and can be chained into ...
SecurityWeek

Splunk Enterprise Update Patches Remote Code Execution Vulnerabilities

Splunk has released patches for multiple vulnerabilities in Splunk Enterprise, including two high-severity remote code execution flaws. Splunk on Monday announced fixes for 11 vulnerabilities in ...
thearabianpost

Splunk flaw opens risky code path

Splunk has disclosed a high-severity security flaw that can allow remote code execution in affected Splunk Enterprise and Splunk Cloud Platform deployments, raising concern for organisations that rely ...
SecurityWeek

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. A critical Splunk Enterprise vulnerability is being exploited ...
techzine

Splunk sues Cribl for copyright infringement

Splunk has taken its competitor Cribl to court over the illegal use of its source code and other technical secrets. With this, Cribl would like to undermine the data platform specialist’s market ...