A critical vulnerability in Splunk Enterprise elevates what was initially reported as an arbitrary file-creation flaw to unauthenticated Remote Code Execution (RCE). Tracked as CVE-2026-20253, the vulnerability carries a maximum CVSS score of 9.8. It specifically impacts the PostgreSQL Sidecar Service introduced in Splunk version 10. According to Watchtowr, the sidecar service is not installed […]
The post Critical Splunk Enterprise Flaw Enables Unauthenticated Remote Code Execution appeared first on Cyber Security News.