A critical vulnerability chain in Splunk Enterprise has been disclosed, enabling unauthenticated attackers to achieve remote code execution (RCE) through a misconfigured PostgreSQL sidecar service. Tracked as CVE-2026-20253, the flaw has a CVSS score of 9.8 and affects Splunk Enterprise 10 and...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

Splunk Enterprise Pre-Auth RCE Chain Exposes Database With Zero Authentication

VERWANDTEARTIKEL

Critical Wazuh Vulnerability Lets Attackers Tamper with Alerts and Delete Security Evidence

WinRAR Vulnerability Exploited by Russian Hackers to Deploy GIFTEDCROOK Stealer

Palo Alto Warns of GlobalProtect VPN Vulnerability Actively Exploited in the Wild

Cybergang ShinyHunters attackiert Oracle-PeopleSoft-Schwachstelle

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw

CVE-2026-12220 - Yealink SIP-T46U Firmware Chunk Upload handler accupgradebychunk mod_upgrade.SparePartsUpload stack-based overflow