【Vulnerability Alert】Splunk Enterprise, Splunk Cloud Platform, and Splunk Secure Gateway Contain a High-Risk Security Vulnerability (CVE-2026-20251). Please Confirm and Apply Patches as Soon as Possible

publish date : 2026-07-13 update date : 2026-07-13

Source: Ministry of education information & communication security contingency platform

"" "" ""

Publication Number TACERT-ANA-2026070710075959 Publication Time 2026-07-07 10:37:00
Incident Type ANA-Vulnerability Alert Discovery Time 2026-07-07 10:37:00
Impact Level Middle  
[Subject]
【Vulnerability Alert】Splunk Enterprise, Splunk Cloud Platform, and Splunk Secure Gateway Contain a High-Risk Security Vulnerability (CVE-2026-20251). Please Confirm and Apply Patches as Soon as Possible
[Content]

Forwarded from the National Institute of Cyber Security Cybersecurity Alert NISAC-200-202607-00000001

Researchers discovered that Splunk Enterprise, Splunk Cloud Platform, and Splunk Secure Gateway contain an insecure deserialization vulnerability (CVE-2026-20251). An authenticated remote attacker may deserialize untrusted data to execute arbitrary code on the affected server. Please confirm and apply patches as soon as possible.

Information Sharing Level: WHITE (the intelligence content is information that may be publicly disclosed)

[Affected Platform]

Splunk Enterprise versions 10.2.0 to 10.2.3

Splunk Enterprise versions 10.0.0 to 10.0.6

Splunk Enterprise versions 9.4.0 to 9.4.11

Splunk Enterprise versions 9.3.0 to 9.3.12

Splunk Cloud Platform versions prior to 10.3.2512.12 (exclusive)

Splunk Cloud Platform versions prior to 10.2.2510.14 (exclusive)

Splunk Cloud Platform versions prior to 10.1.2507.22 (exclusive)

Splunk Cloud Platform versions prior to 9.3.2411.132 (exclusive)

Splunk Secure Gateway versions prior to 3.10.6 (exclusive)

Splunk Secure Gateway versions prior to 3.9.20 (exclusive)

Splunk Secure Gateway versions prior to 3.8.67 (exclusive)

[Recommended Actions]

The official vendor has released a remediation update for the vulnerability. Please refer to the official instructions for updating. The URL is as follows: https://advisory.splunk.com/advisories/SVD-2026-0601

[Reference]

1. https://nvd.nist.gov/vuln/detail/CVE-2026-20251
2. https://advisory.splunk.com/advisories/SVD-2026-0601

(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer: Computer Center