THREAT OPS › CVEs › CVE-2026-20253
CVE-2026-20253 — Splunk Enterprise Missing Authentication for Critical Function Vulnerability
Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create or truncate arbitrary files through a PostgreSQL sidecar service endpoint.
Vulnerability details
- Affected productsEnterprise
- KEV remediation due2026-06-21
Related reporting
- Critical Unauthenticated Remote Code Execution in Splunk Enterprise (CVE-2026-20253)zscaler_threatlabz
- [CISA KEV] CVE-2026-20253 — Splunk Enterprise: Splunk Enterprise Missing Authentication for Critical Function Vulnerabilitycisa_kev
- Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE)watchtowr
- June 2026 CVE Landscaperecordedfuture