logo

Splunk Enterprise vulnerability: Find impacted assets

ID: aa266c42-53ee-59ce-8b3a-b1f43e448fed

STIX ID: report--aa266c42-53ee-59ce-8b3a-b1f43e448fed

Feed Name: runZero Blog

Threat Score
80/100

Date Published: 2026-06-15

Date Updated: 2026-06-16

Author: Cale Black

...
...

## Executive summary Splunk disclosed a critical vulnerability (CVE-2026-20253, CVSS 9.8) in the PostgreSQL Sidecar Service of Splunk Enterprise that permits unauthenticated remote file uploads enabling forged database connections, administrative actions, and remote code execution; affected versions include 10.0.0–10.0.6 and 10.2.0–10.2.3, and Splunk recommends updating to 10.0.7 or 10.2.4 (or later) and following provided mitigations; the advisory also includes a runZero query to identify potentially impacted assets.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.