Splunk Enterprise Vulnerabilities Expose Systems to RCE, XSS, SSRF, and Data Theft
VPN Central [Unofficial]
June 16, 2026
Splunk has patched multiple vulnerabilities in Splunk Enterprise and Splunk Cloud Platform that could allow attackers to create or truncate files, run malicious scripts in a user’s browser, exfiltrate data from dashboards, and trigger server-side requests to internal systems. The most severe issue is CVE-2026-20253, a critical unauthenticated file creation and truncation flaw in a […]
The post Splunk Enterprise Vulnerabilities Expose Systems to RCE, XSS, SSRF, and Data Theft appeared first on VPN Central.
Discussion in the ATmosphere