Data Exposure Vulnerability in Splunk Enterprise and Splunk Cloud Platform
CVE-2026-20239

7.5HIGH

Key Information:

Vendor: Splunk
Status: Splunk Enterprise; Splunk Cloud Platform
Vendor: CVE Published:; 20 May 2026

What is CVE-2026-20239?

In specific versions of Splunk Enterprise and Splunk Cloud Platform, an unauthorized role could exploit access to the _internal index, allowing them to view session cookies and response bodies containing sensitive user data. This presents a significant risk for organizations relying on these platforms to manage and secure their data.

Affected Version(s)

Splunk Cloud Platform 10.3.2512 < 10.3.2512.8

Splunk Cloud Platform 10.2.2510 < 10.2.2510.11

Splunk Cloud Platform 10.1.2507 < 10.1.2507.21

References

https://advisory.splunk.com/advisories/SVD-2026-0503

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2026
Vulnerability Reserved
Oct 8, 2025

Credit

Charlie Huggard, Splunk

CVE-2026-20239 Data

JSON