Vulnerability Details CVE-2026-20253
In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint.<br><br>The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 73.9%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2026-20253
-
cpe:2.3:a:splunk:splunk:10.0.0
-
cpe:2.3:a:splunk:splunk:10.0.1
-
cpe:2.3:a:splunk:splunk:10.0.2
-
cpe:2.3:a:splunk:splunk:10.0.3
-
cpe:2.3:a:splunk:splunk:10.0.4
-
cpe:2.3:a:splunk:splunk:10.0.5
-
cpe:2.3:a:splunk:splunk:10.2.0
-
cpe:2.3:a:splunk:splunk:10.2.1
-
cpe:2.3:a:splunk:splunk:10.2.2