CVE-2026-20253 — Splunk Enterprise Missing Authentication for Critical Function Vulnerability

Description

Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create or truncate arbitrary files through a PostgreSQL sidecar service endpoint.

How to fix CVE-2026-20253

No package mapping is available — consult the references below for vendor-specific guidance.

Is CVE-2026-20253 being exploited?

Yes — CVE-2026-20253 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.

Affected packages (0)

No package mapping in OSV.