External Publication
Visit Post

Splunk Enterprise Flaw Exposes Pre-Auth RCE Chain Through PostgreSQL Sidecar Service

VPN Central [Unofficial] June 17, 2026
Source
Splunk has patched a critical Splunk Enterprise vulnerability that can let unauthenticated attackers create or truncate files through a PostgreSQL sidecar service endpoint. The flaw is tracked as CVE-2026-20253 and carries a CVSS 3.1 score of 9.8. The official issue is described as unauthenticated arbitrary file creation and truncation. However, watchTowr Labs showed how the […] The post Splunk Enterprise Flaw Exposes Pre-Auth RCE Chain Through PostgreSQL Sidecar Service appeared first on VPN Central.

Discussion in the ATmosphere

Loading comments...