Severity: CRITICAL

Splunk has issued patches for a critical vulnerability, CVE-2026-20253 (CVSS 9.8), in Splunk Enterprise. This flaw allows an unauthenticated attacker to perform arbitrary file operations, including creating or truncating files, and can lead to remote code execution. The vulnerability affects versions below 10.2.4 and 10.0.7, making immediate patching essential for all Splunk Enterprise deployments.

Source: The Hacker News