https://vulnerability.circl.lu/sightings/feed 2026-06-15T16:05:09.810397+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/75531da0-7774-4f93-b7b9-6cdcf5d36f4e/export 2026-06-15T16:05:09.816828+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "75531da0-7774-4f93-b7b9-6cdcf5d36f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/PostgreSQL.activitypub.awakari.com.ap.brid.gy/post/3mo72jumcb5p2", "content": "Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) Three posts? In three days? Are we insane? We're home alone, there's no one to stop us, ...\n\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-13T20:09:11.793221Z"} 2026-06-13T20:09:11.793221+00:00 https://vulnerability.circl.lu/sighting/d3f94e6e-8540-4832-bb87-ca0dd592bf20/export 2026-06-15T16:05:09.816745+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "d3f94e6e-8540-4832-bb87-ca0dd592bf20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mo7lqcnwqq2j", "content": "\u201cSecurity Tool is the Backdoor\u201d: Inside Splunk\u2019s CVSS 98 Nightmare (CVE-2026-20253)\n\nUnauthenticated Attackers Can Wreak Havoc via a PostgreSQL Sidecar\u2014Update Now. Introduction: A chilling irony has emerged in the cybersecurity world: a security tool designed to be your organization\u2019s eyes and ears\u2026", "creation_timestamp": "2026-06-14T01:13:58.492740Z"} 2026-06-14T01:13:58.492740+00:00 https://vulnerability.circl.lu/sighting/1b1e7840-eab1-40d5-99a4-eb675097c61d/export 2026-06-15T16:05:09.816661+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "1b1e7840-eab1-40d5-99a4-eb675097c61d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20253", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3moaoklb3gd2s", "content": "\ud83d\udccc Analysis of Splunk Enterprise CVE-2026-20253 Pre-Authentication RCE Vulnerability https://www.cyberhub.blog/article/27000-analysis-of-splunk-enterprise-cve-2026-20253-pre-authentication-rce-vulnerability", "creation_timestamp": "2026-06-14T11:37:06.186576Z"} 2026-06-14T11:37:06.186576+00:00 https://vulnerability.circl.lu/sighting/02367972-eb52-4467-8a68-fc64f18f584b/export 2026-06-15T16:05:09.816591+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "02367972-eb52-4467-8a68-fc64f18f584b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mob6v3fxvm2x", "content": "CVE-2026-20253 \u2014 Splunk Enterprise Unauthenticated RCE", "creation_timestamp": "2026-06-14T16:29:18.477595Z"} 2026-06-14T16:29:18.477595+00:00 https://vulnerability.circl.lu/sighting/ce3761a4-4264-4110-9c1c-69ce9d68bc76/export 2026-06-15T16:05:09.816509+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "ce3761a4-4264-4110-9c1c-69ce9d68bc76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20253", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116749583315802938", "content": "\ud83d\udcf0 Splunk Scrambles to Patch Critical 9.8 CVSS Flaw Allowing Unauthenticated RCE\n\ud83d\udea8 CRITICAL Splunk Enterprise flaw (CVE-2026-20253) allows unauthenticated RCE! CVSS 9.8. Attackers can execute code via an insecure PostgreSQL endpoint. On-premise versions 10.0.x and 10.2.x are vulnerable. Patch now! #Splunk #RCE #CyberSecurity\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/critical-splunk-enterprise-flaw-cve-2026-20253-allows-unauthenticated-rce/?utm_s\u2026", "creation_timestamp": "2026-06-14T17:14:27.256752Z"} 2026-06-14T17:14:27.256752+00:00 https://vulnerability.circl.lu/sighting/0e2ca41b-c73d-4ecf-807a-8a472f527c26/export 2026-06-15T16:05:09.816433+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "0e2ca41b-c73d-4ecf-807a-8a472f527c26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mobbgmm3og2c", "content": "\ud83d\udea8 CRITICAL Splunk Enterprise flaw (CVE-2026-20253) allows unauthenticated RCE! CVSS 9.8. Attackers can execute code via an insecure PostgreSQL endpoint. On-premise versions 10.0.x and 10.2.x are vulnerable. Patch now! #Splunk #RCE #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-14T17:14:54.834617Z"} 2026-06-14T17:14:54.834617+00:00 https://vulnerability.circl.lu/sighting/4c79c5d2-604c-4a5b-b7bd-be1726ca317a/export 2026-06-15T16:05:09.816345+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "4c79c5d2-604c-4a5b-b7bd-be1726ca317a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mobkrgxdyr2x", "content": "Splunk released security updates for CVE-2026-20253, a 9.8 flaw in versions below 10.2.4 & 10.0.7. It allows unauthenticated file operations & remote code execution. Update now!", "creation_timestamp": "2026-06-14T20:02:01.409843Z"} 2026-06-14T20:02:01.409843+00:00 https://vulnerability.circl.lu/sighting/7d3e0ebb-684b-46f0-ba7c-3f994807c56d/export 2026-06-15T16:05:09.816255+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "7d3e0ebb-684b-46f0-ba7c-3f994807c56d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/116751343889084181", "content": "\ud83d\udea8 ALERT - A critical Splunk Enterprise flaw can go from \u201cno login required\u201d to remote code execution.\nTracked as CVE-2026-20253, the bug carries a 9.8 CVSS score and affects vulnerable Splunk Enterprise servers through exposed PostgreSQL sidecar endpoints.\nThe exploit chain is now public.\nRead the full story: https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html", "creation_timestamp": "2026-06-15T00:42:10.016254Z"} 2026-06-15T00:42:10.016254+00:00 https://vulnerability.circl.lu/sighting/dadb2ce8-1f4b-4236-974e-d6b4091155c7/export 2026-06-15T16:05:09.815529+00:00 Joseph Lee https://cvepremium.circl.lu/user/syspect {"uuid": "dadb2ce8-1f4b-4236-974e-d6b4091155c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0198", "content": "", "creation_timestamp": "2026-06-15T01:27:12.000000Z"} 2026-06-15T01:27:12+00:00 https://vulnerability.circl.lu/sighting/d5f8d919-cdb2-4dba-9105-207600ab533c/export 2026-06-15T16:05:09.814237+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "d5f8d919-cdb2-4dba-9105-207600ab533c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/getpacketai.bsky.social/post/3modnqc3owd2d", "content": "Critical Splunk Enterprise pre-auth RCE discovered: researchers show why app-level auth matters when database security alone isn't enough. CVE-2026-20253\u2026\n\nhttps://www.reddit.com/r/netsec/comments/1u46wbb/why_use_applevel_auth_when_every_database_has/\n\n#cybersecurity #infosec", "creation_timestamp": "2026-06-15T16:00:23.031912Z"} 2026-06-15T16:00:23.031912+00:00