CVE-2026-20239 – Sensitive Information Disclosure through Log Files in Splunk Enterprise

CVE ID :CVE-2026-20239

Published : May 20, 2026, 6:16 p.m. | 41 minutes ago

Description :In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, and 10.0.2503.13, a user with a role that has access to the `_internal` index could view session cookies and response bodies that contain sensitive data.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-20240 – Denial of Service through coldToFrozen.sh Script in Splunk Enterprise

CVE-2026-20238 – Improper Access Control through Role Inheritance in Splunk AI Toolkit app

CVE-2026-30691 – Cyntler React Doc Viewer XSS

CVE-2026-9101 – Prototype pollution in csv parsing