Data Exfiltration Vulnerability in Splunk Enterprise and Cloud Platform
CVE-2026-20255

5.7MEDIUM

Key Information:

Vendor

Splunk

Vendor
CVE Published:
10 June 2026

What is CVE-2026-20255?

In certain versions of Splunk Enterprise and Splunk Cloud Platform, a vulnerability allows low-privileged users to create malicious dashboards that can exfiltrate sensitive data to external servers. This occurs due to incomplete URL validation, enabling crafted dashboards to connect to untrusted domains and potentially compromising sensitive information. Effective mitigation involves validating user inputs and securing content access configurations.

Affected Version(s)

Splunk Cloud Platform 10.3.2512 < 10.3.2512.13

Splunk Cloud Platform 10.2.2510 < 10.2.2510.15

Splunk Cloud Platform 10.1.2507 < 10.1.2507.23

References

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Tony Tong (tongster)
.