CISA: Splunk Enterprise flaw actively exploited, patch by Sunday

CISA ordered federal agencies to patch a critical Splunk Enterprise vulnerability, CVE-2026-20253, by Sunday due to active exploitation. The flaw affects versions 10.2.0 to 10.2.3 and 10.0.0 to 10.0.6, allowing unauthenticated remote attackers to create or truncate files via a PostgreSQL sidecar endpoint.