Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk patched CVE-2026-20253, a critical flaw rated 9.8 on CVSS, in Splunk Enterprise versions below 10.2.4 and 10.0.7. The vulnerability allows unauthenticated attackers to create or truncate files via a PostgreSQL sidecar endpoint, leading to remote code execution. Splunk Cloud is not affected.