Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Jun 13, 2026

Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution.

The vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring system.

“In Splunk Enterprise versions below 10.2.4 and 10.0.7, an unauthenticated user could create or truncate arbitrary

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Free Network Consultation
||
Free IT Buyers Guide
||
Limited Time Only

CONTACT US

We are always ready to help you

Get Free Report & Network Analysis

Please check your email for the free report.