Splunk Enterprise CVE-2026-20253: KEV Arbitrary File Creation via PostgreSQL Sidecar
CISA added Splunk Enterprise CVE-2026-20253 to KEV on 2026-06-18. The vulnerability allows an unauthenticated user to create or truncate arbitrary files through a PostgreSQL sidecar service endpoint in affected Splunk Enterprise releases.