Access Control Flaw in Splunk Enterprise and Cloud Platforms
CVE-2026-20259
5.5MEDIUM
Key Information:
- Vendor
Splunk
- Vendor
- CVE Published:
- 10 June 2026
What is CVE-2026-20259?
An access control vulnerability exists in Splunk Enterprise and Cloud products that allows users with the high-privilege role 'edit_saved_search_owner' to improperly reassign ownership of saved searches to unauthorized users. This flaw arises from the lack of proper access control at the ownership reassignment endpoint, potentially leading to privilege escalation and unauthorized access to sensitive configurations.
Affected Version(s)
Splunk Cloud Platform 10.3.2512 < 10.3.2512.12
Splunk Cloud Platform 10.2.2510 < 10.2.2510.15
Splunk Cloud Platform 10.1.2507 < 10.1.2507.23