Zero Day MonitorZDM

← Back to list

EST

PRE-CVE

splunk

Multiple vulnerabilities in Splunk products

72% confidence

Description

Multiple vulnerabilities have been identified in various Splunk products including Splunk Operator for Kubernetes Add-on, Splunk MCP Server, Splunk IT Service Intelligence (ITSI), Splunk Enterprise, and Splunk Cloud Platform. Users are advised to update to fixed versions to mitigate these vulnerabilities.

Affected Products

Vendor	Product	Versions
splunk	—	< 3.1.0 (Splunk Operator for Kubernetes Add-on), < 1.0.3 (Splunk MCP Server), < 4.21.2 (Splunk IT Service Intelligence), multiple versions (Splunk Enterprise), multiple versions (Splunk Cloud Platform)

Related News (1 articles)

Tier B

CCCS Canada4h ago

Splunk security advisory (AV26-356)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

PublishedApr 15, 2026

Last enriched4h ago

Tags

multiple productssecurity advisory

Trending Score20

Source articles1

Independent1

Info Completeness4/14

Missing: cve_id, product, cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-20204EXP

Improper Handling and Insufficient Isolation of Specific Temporary Files in Splunk Enterprise

HIGHCVE-2026-20205EXP

Sensitive Information Disclosure in ''_internal'' index in Splunk MCP Server app

MEDIUMCVE-2026-20202EXP

Improper Input Validation during User Account Creation in Splunk Enterprise

MEDIUMCVE-2026-20203EXP

Improper Access Control in Data Model Acceleration in Splunk Enterprise

MEDIUMCVE-2026-20144

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Sear

Pin to Dashboard

Verification

State: reported

Confidence: 72%

Vulnerability Timeline

CVE Published

Apr 15, 2026

Discovered by ZDM

Apr 15, 2026