Where
-Infinity
0

Trending

Last week
Last month
Last year

Splunk Secure GatewayImproper access control through push notifications for reports and alerts in Splunk Secure Gateway app

Risk 22
Severity
4.3
First published (updated )
CVE-2025-20383

Splunk splunkUnauthenticated Log Injection in Splunk Enterprise

Risk 27
Severity
5.3
First published (updated )
CVE-2025-20384

Splunk splunkStored Cross-Site scripting (XSS) through Anchor Tag "href" in Navigation Bar Collections in Splunk Enterprise

Risk 29
Severity
4.8
First published (updated )
CVE-2025-20385

Splunk splunkURL validation bypass through Views Dashboard in Splunk Enterprise

Risk 34
Severity
5.4
First published (updated )
CVE-2025-20382

Splunk EnterpriseUnauthenticated Blind Server Side Request Forgery (SSRF) in Splunk Enterprise

Risk 77
Severity
8.8
First published (updated )
CVE-2025-20371
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Splunk splunkRemote Command Execution through Scripted Input Files in Splunk Enterprise

Risk 62
Severity
6.8
First published (updated )
CVE-2025-20319

Splunk Splunk Cloud PlatformReflected Cross-Site Scripting (XSS) on Splunk Enterprise through dashboard PDF generation component

Risk 34
Severity
5.4
First published (updated )
CVE-2025-20297

Splunk Splunk EnterpriseMissing Access Control and Incorrect Ownership of Data in App Key Value Store (KVStore) collections in the Splunk Secure Gateway App

Risk 38
Severity
6.5
First published (updated )
CVE-2025-20230

Splunk Splunk Cloud PlatformRisky Command Safeguards Bypass in “/app/search/search“ endpoint through “s“ parameter in Splunk Enterprise

Risk 33
Severity
5.7
First published (updated )
CVE-2025-20232

Splunk Splunk Cloud PlatformRisky command safeguards bypass in “/services/streams/search“ endpoint through “q“ parameter in Splunk Enterprise

Risk 33
Severity
5.7
First published (updated )
CVE-2025-20226
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Splunk Splunk Cloud PlatformRisky command safeguards bypass in “/en-US/app/search/report“ endpoint through “s“ parameter

Risk 33
Severity
5.7
First published (updated )
CVE-2024-53244

Splunk Splunk EnterpriseInformation Disclosure in Mobile Alert Responses in Splunk Secure Gateway

Risk 22
Severity
4.3
First published (updated )
CVE-2024-53243

Splunk Splunk Cloud PlatformInformation Disclosure due to Username Collision with a Role that has the same Name as the User

Risk 22
Severity
4.3
First published (updated )
CVE-2024-53245

Splunk Splunk EnterpriseRemote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway app

Risk 79
Severity
8.8
First published (updated )
CVE-2024-53247

Splunk splunkRemote Code Execution (RCE) through an external lookup due to “copybuckets.py“ script in the “splunk_archiver“ application in Splunk Enterprise

Risk 79
Severity
8.8
First published (updated )
CVE-2024-36985
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203