Zero Day MonitorZDM

← Back to list

5.5

CVE-2026-20259EXPLOITEDPATCHED

splunk · splunk enterpri

Improper Access Control in Splunk Enterprise

Description

A vulnerability classified as critical was found in Splunk Enterprise and Cloud Platform. This vulnerability affects unknown code of the component Ownership Reassignment Endpoint. The manipulation results in improper access controls. This vulnerability is known as CVE-2026-20259. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.

Affected Products

Vendor	Product	Versions
splunk	splunk enterpri	10.2, 10.0, 10.3.2512, 10.2.2510, 10.1.2507, 10.0.2503, 9.3.2411

References

https://advisory.splunk.com/advisories/SVD-2026-0609

Related News (1 articles)

Tier C

VulDB4h ago

CVE-2026-20259 | Splunk Enterprise/Cloud Platform Ownership Reassignment Endpoint access control (SVD-2026-0609)

→ No new info (linked only)

CVSS 3.15.5 CRITICAL

VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

10.2.410.0.710.3.2512.1210.2.2510.1510.1.2507.2310.0.2503.149.3.2411.131

CWECWE-284

PublishedJun 10, 2026

Last enriched3h agov2

Trending Score51

Source articles2

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-20251EXP

Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway

CRITICALCVE-2026-20252EXP

Server-Side Request Forgery (SSRF) through Dashboard Studio PDF Export in Splunk Enterprise

CRITICALCVE-2026-20254EXP

Information Disclosure through External Content Restriction Bypass in Splunk Enterprise

HIGHCVE-2026-20257EXP

Improper Input Validation through Classic Dashboard CSS in Splunk Enterprise

HIGHCVE-2026-20260EXP

Log Injection through HTTP Request Paths in Splunk SOAR

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 10, 2026

Discovered by ZDM

Jun 10, 2026

Actively Exploited

Jun 10, 2026

Patch Available

Jun 10, 2026

Updated: description, severity, activelyExploited

Jun 10, 2026

Version History

v2

Last enriched 3h ago

v2Tier C3h ago

Updated severity to CRITICAL, changed exploit availability to false, and provided a new description with additional details.

descriptionseverityactivelyExploited

via VulDB

v16h ago

Initial creation