CRITICAL
Critical Splunk Enterprise Flaw (CVE-2026-20253, CVSS 9.8) Allows Unauthenticated Remote Code Execution
Splunk released security updates fixing CVE-2026-20253, a critical vulnerability in Splunk Enterprise rated 9.8 on the CVSS scale.
The flaw allows an unauthenticated attacker to perform arbitrary file operations, including creating or truncating files, and can be leveraged for remote code execution.
Affected versions are Splunk Enterprise below 10.2.4 and below 10.0.7.
Given the unauthenticated, remote nature of the flaw, organizations running Splunk Enterprise should patch immediately.