CVE-2026-20204 – Splunk Enterprise
CVSS 7.1
IMPORTANT
“When visibility tools are compromised, the blind spots spread across the entire operation.”
Splunk has released a security patch for CVE-2026-20204 affecting Splunk Enterprise. This vulnerability impacts core platform behavior and could allow attackers to interfere with how data is processed or accessed within the system. Given Splunk’s role in monitoring and analytics, this creates risk around data integrity and operational visibility. The CVSS score is 7.1, which is High severity.
There is no verified evidence of real-world exploitation or publicly available proof-of-concept code. Despite this, the vulnerability poses a significant risk to environments relying on Splunk for security monitoring and log management.
Key Details
- Affected Product
- Splunk Splunk
- Attack Vector
- Network
- Attack Complexity
- High
- Privileges Required
- Low
- User Interaction
- Required
- CWE Classification
- CWE-377
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.