【Security Vulnerability Alert】Splunk Enterprise、Splunk Cloud Platform and Splunk Secure Gateway have a high-risk security vulnerability (CVE-2026-20251), please confirm as soon as possible

 
2026/7/9 ~ 2027/1/9
View Count:18

Forwarded National Information Security Analysis and Sharing Center Security Advisory Alert NISAC-200-202607-00000001

[Description]
Researchers have discovered an insecure deserialization vulnerability (Insecure Deserialization) (CVE-2026-20251) in Splunk Enterprise, Splunk Cloud Platform, and Splunk Secure Gateway. Authenticated remote attackers can exploit the deserialization of untrusted data to execute arbitrary code on affected servers. Please confirm and apply patches as soon as possible.

[Affected Platform]
Splunk Enterprise 10.2.0 to 10.2.3 versions
Splunk Enterprise 10.0.0 to 10.0.6 versions
Splunk Enterprise 9.4.0 to 9.4.11 versions
Splunk Enterprise 9.3.0 to 9.3.12 versions
Splunk Cloud Platform versions prior to 10.3.2512.12 (not including)
Splunk Cloud Platform versions prior to 10.2.2510.14 (not including)
Splunk Cloud Platform versions prior to 10.1.2507.22 (not including)
Splunk Cloud Platform versions prior to 9.3.2411.132 (not including)
Splunk Secure Gateway versions prior to 3.10.6 (not including)
Splunk Secure Gateway versions prior to 3.9.20 (not including)
Splunk Secure Gateway versions prior to 3.8.67 (not including)

[Recommendations]
The official has released fixes for the vulnerability. Please refer to the official instructions for updates at the following URL: https://advisory.splunk.com/advisories/SVD-2026-0601

[References]
1.https://nvd.nist.gov/vuln/detail/CVE-2026-20251
2.https://advisory.splunk.com/advisories/SVD-2026-0601

Files
system_update_alt參考資料1
system_update_alt參考資料2
Top↑