Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Search Results: "CVE-2026-20253"
Click on any threat for detailed analysis and mitigation recommendations
Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure 0 A critical vulnerability (CVE-2026-20253) in Splunk Enterprise allows unauthenticated attackers to create or truncate arbitrary files via a PostgreSQL sidecar service endpoint lacking authentication controls. The flaw affects Splunk Enterprise versions 10.2 before 10.2.4 and 10.0 before 10.0.7. Exploitation was confirmed shortly after public disclosure, with proof-of-concept code published. CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog and mandated rapid patching for federal agencies. Splunk has released patches to remediate the issue and strongly recommends upgrading to fixed versions. Join the discussion | Reddit Cybersecurity | 06/19/2026, 05:28:00 UTC Added: 06/19/2026, 05:49:56 UTC |
Splunk Enterprise had an unauthenticated RCE sitting in your security stack 0 CVE-2026-20253 is a critical unauthenticated remote code execution vulnerability in Splunk Enterprise affecting versions below 10.0.7 and 10.2.4. The flaw exists due to a lack of authentication on the PostgreSQL sidecar service endpoints, allowing any network-reachable attacker to perform arbitrary file operations and execute code remotely. Splunk Cloud is not affected. A patch is available and users are strongly advised to update to fixed versions. Join the discussion | Reddit Cybersecurity | 06/13/2026, 13:59:24 UTC Added: 06/13/2026, 14:09:17 UTC |
CVE-2026-20253: The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. in Splunk Splunk EnterpriseCVE-2026-20253 0 In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials. Splunk Enterprise versions 9.4 and earlier are not affected. If you cannot immediately upgrade to a fixed version, you can mitigate this vulnerability by disabling the PostgreSQL sidecar service. Join the discussion | CVE Database V5 | 06/10/2026, 17:16:21 UTC Added: 06/10/2026, 18:17:15 UTC |
Showing 1 to 3 of 3 results