Data Exfiltration Vulnerability in Splunk Enterprise and Cloud Platform
CVE-2026-20256
5.7MEDIUM
Key Information:
- Vendor
Splunk
- Vendor
- CVE Published:
- 10 June 2026
What is CVE-2026-20256?
In specific versions of Splunk Enterprise and Splunk Cloud Platform, a vulnerability allows low-privileged users to perform data exfiltration by utilizing protocol-relative URLs in dashboard drill-down links. The URL classifier fails to recognize these URLs and does not prompt users with a warning when an external site is accessed. This flaw can lead to unauthorized access to sensitive data, highlighting the need for updated security measures and awareness among users.
Affected Version(s)
Splunk Cloud Platform 10.3.2512 < 10.3.2512.13
Splunk Cloud Platform 10.2.2510 < 10.2.2510.15
Splunk Cloud Platform 10.1.2507 < 10.1.2507.23