CVE-2026-20205: Sensitive Information Disclosure in ''_internal'' index in Splunk MCP Server app
In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk `_internal` index or possesses the high-privilege capability `mcp_tool_admin` could view users session and authorization tokens in clear text.<br><br>The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. <br><br>Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Connecting to MCP Server and Admin settings](https://help.splunk.com/en/splunk-enterprise/mcp-server-for-splunk-platform/connecting-to-mcp-server-and-admin-settings) in the Splunk documentation for more information.
Affected Software
Event History
Frequently Asked Questions
What is the severity of CVE-2026-20205?
CVE-2026-20205 has been classified as a high severity vulnerability.
How do I fix CVE-2026-20205?
To fix CVE-2026-20205, you should upgrade the Splunk MCP Server app to version 1.0.3 or later.
What types of sensitive information are disclosed by CVE-2026-20205?
CVE-2026-20205 can disclose user session and authorization details.
Who is affected by CVE-2026-20205?
Users with roles that have access to the Splunk `_internal` index or possess the `mcp_tool_admin` capability are affected by CVE-2026-20205.
What versions of the Splunk MCP Server app are vulnerable to CVE-2026-20205?
Splunk MCP Server app versions below 1.0.3 are vulnerable to CVE-2026-20205.