CVE-2026-20253

CVE Database · CVE-2026-20253

CVE-2026-20253

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

1.73%

Published

Jun 10, 2026

Modified

Jun 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint.<br><br>The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-306

Affected Products (2)

splunk · splunk (up to 10.0.7)vulnerable

splunk · splunk (up to 10.2.4)vulnerable

References (1)

https://advisory.splunk.com/advisories/SVD-2026-0603

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs