{"vulnerability": "CVE-2026-20253", "sightings": [{"uuid": "7d35ed86-ce2b-4d80-bc9f-526375ade751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mnxprjs3hj2n", "content": "\ud83d\udd12 Splunk Enterprise PostgreSQL sidecar has no auth (CVE-2026-20253, CVSS 9.8)\n\nA critical vulnerability (CVE-2026-20253, CVSS 9.8) in Splunk Enterprise's PostgreSQL sidecar allows u...\n\nhttps://tinyurl.com/257xzcyw #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-06-10T22:04:55.260328Z"}, {"uuid": "0ba19640-7152-449e-adee-edc6412159e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20253", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnyac2nix62p", "content": "Splunk Enterprise CRITICAL vuln: Unauthenticated file operations via PostgreSQL sidecar endpoint in 10.2 & 10.0. Restrict access ASAP while awaiting patch. Details: https://radar.offseq.com/threat/cve-2026-20253-the-software-does-not-perform-any-a-b96d376c #OffSeq #Splunk #Vuln", "creation_timestamp": "2026-06-11T03:00:30.340014Z"}, {"uuid": "ade6feaa-1dee-4159-9574-0d2114be5ac7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116731553105843867", "content": "Attention, elevated activities detected targeting Splunk Enterprise and Cloud Platform (CVE-2026-20253) https://vuldb.com/vuln/370218/cti", "creation_timestamp": "2026-06-11T12:49:06.254176Z"}, {"uuid": "fb92c7f7-75e4-45b0-9fe0-3700c14afab9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://www.acn.gov.it/portale/w/rilevate-vulnerabilita-in-prodotti-splunk-3", "content": "", "creation_timestamp": "2026-06-11T00:32:43.000000Z"}, {"uuid": "cd7cd914-67a9-47f7-82d8-a565db2675f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mo57ksxbqi2d", "content": "Top 3 CVE for last 7 days:\nCVE-2026-35273: 49 interactions\nCVE-2026-11645: 29 interactions\nCVE-2025-10263: 25 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-35273: 16 interactions\nCVE-2026-20253: 10 interactions\nCVE-2026-12060: 4 interactions\n", "creation_timestamp": "2026-06-13T02:36:46.598145Z"}, {"uuid": "f5ee0f47-256c-42dc-a4d4-50ba213aee9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3mo4m5aitce25", "content": "Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) - watchTowr Labs", "creation_timestamp": "2026-06-12T20:43:12.680655Z"}, {"uuid": "e73bc09c-8b75-457c-be4f-d1b3e9f183d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/splunk-products-multiple-vulnerabilities_20260612", "content": "", "creation_timestamp": "2026-06-11T18:00:00.000000Z"}, {"uuid": "ab2d9784-1ea6-4d6d-a93f-ad35c5b628f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20253", "type": "published-proof-of-concept", "source": "https://labs.watchtowr.com/why-use-app-level-auth-when-every-database-has-auth-splunk-enterprise-cve-2026-20253-pre-auth-rce", "content": "", "creation_timestamp": "2026-06-12T16:34:13.237000Z"}, {"uuid": "36e95dd6-01d3-4f25-8938-9d5bb7b06add", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/116742457490759004", "content": "En las \u00faltimas 24 horas, se han descubierto vulnerabilidades cr\u00edticas en Splunk Enterprise y Windows que permiten ejecuci\u00f3n remota y evasi\u00f3n de sandbox, mientras un fallo de m\u00e1s de una d\u00e9cada en phpBB revela la necesidad de auditor\u00edas continuas; adem\u00e1s, la IA ampl\u00eda la superficie de ataque y AMD enfrenta controversia por retraso en parche y rechazo a recompensa. Descubre estos y m\u00e1s detalles en el siguiente listado de noticias sobre seguridad inform\u00e1tica:\n\ud83d\uddde\ufe0f \u00daLTIMAS NOTICIAS EN SEGURIDAD INFORM\u00c1TICA \ud83d\udd12====| \ud83d\udd25 LO QUE DEBES SABER HOY \ufeff\ufeff13/06/26\ufeff\ufeff  \ud83d\udcc6 |==== \n\ud83d\udd10 VULNERABILIDAD CR\u00cdTICA EN SPLUNK ENTERPRISE CVE-2026-20253\nSe ha revelado una grave vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) en Splunk Enterprise, identificada como CVE-2026-20253, que permite a atacantes comprometer sistemas antes de la autenticaci\u00f3n. Este fallo pone en riesgo datos sensibles en entornos empresariales, subrayando la importancia de implementar autenticaci\u00f3n a nivel de aplicaci\u00f3n adem\u00e1s de la propia base de datos. Mantenerse actualizado con los parches y reforzar las capas de seguridad es clave para mitigar este tipo de amenazas. Descubre el an\u00e1lisis completo y recomendaciones de protecci\u00f3n aqu\u00ed \ud83d\udc49 https://djar.co/D5AoI\n\ud83e\udd16 LA INTELIGENCIA ARTIFICIAL EXPANDE LA SUPERFICIE DE ATAQUE\nLa r\u00e1pida adopci\u00f3n de inteligencia artificial est\u00e1 transformando no solo el desarrollo de software, sino tambi\u00e9n la seguridad, ampliando notablemente la superficie de ataque en proyectos de c\u00f3digo abierto, SaaS y equipos \u00e1giles. El desaf\u00edo radica en detectar y anticipar brechas potenciales que ahora pueden surgir desde m\u00faltiples puntos de entrada y procesos automatizados. Adoptar una mentalidad proactiva que asuma la posibilidad de compromiso es vital para fortalecer defensas y limitar da\u00f1os. Profundiza en c\u00f3mo prepararte ante esta nueva realidad de ciberseguridad \ud83d\udc49 https://djar.co/TMCu\n\u26a0\ufe0f AMD RECHAZA PAGO DE RECOMPENSA POR FALLA CR\u00cdTICA QUE TARD\u00d3 124 D\u00cdAS EN PARCHEARSE\nUna vulnerabilidad cr\u00edtica en el actualizador autom\u00e1tico de AMD puso en riesgo sistemas durante m\u00e1s de cuatro meses antes de ser corregida. A pesar de la gravedad, la empresa neg\u00f3 la recompensa de 10,000 d\u00f3lares solicitada por el investigador que report\u00f3 el fallo. Este caso refleja la complejidad y controversia en la gesti\u00f3n de programas de bug bounty, adem\u00e1s de la necesidad de mejorar los tiempos de respuesta ante vulnerabilidades que afectan la cadena de suministro tecnol\u00f3gica. Explora los detalles y lecciones de este incidente aqu\u00ed \ud83d\udc49 https://djar.co/B0LC\n\ud83d\udee1\ufe0f PHPBB SOLUCIONA VULNERABILIDAD DE EVASI\u00d3N DE AUTENTICACI\u00d3N DE M\u00c1S DE UNA D\u00c9CADA\nUna brecha presente durante m\u00e1s de diez a\u00f1os en phpBB, uno de los foros m\u00e1s populares, permit\u00eda a atacantes sortear la autenticaci\u00f3n y obtener acceso con privilegios administrativos. Esta vulnerabilidad cr\u00edtica resalta la importancia de auditor\u00edas continuas en software de larga vida y en proyectos comunitarios. Los administradores deben actualizar inmediatamente para proteger sus comunidades y evitar accesos no autorizados que pueden comprometer la integridad de sus plataformas. Lee el informe completo y aplique las medidas recomendadas \ud83d\udc49 https://t.co/eUXZqMUPpu\n\ud83d\udd75\ufe0f\u200d\u2642\ufe0f CVE-2026-40369: FUGA DE LA SANDBOX DEL NAVEGADOR EN WINDOWS\nUna vulnerabilidad t\u00e9cnica en Windows, identificada como CVE-2026-40369, permite a atacantes evadir la sandbox de los navegadores mediante una manipulaci\u00f3n directa en el kernel, abriendo la puerta a la ejecuci\u00f3n de c\u00f3digo malicioso fuera del entorno seguro habitual. Esta falla representa un riesgo para la seguridad del usuario y la integridad de los datos, especialmente en entornos de navegaci\u00f3n restringida. Mantener los sistemas actualizados y utilizar herramientas de protecci\u00f3n avanzadas es fundamental para mitigar este tipo de amenazas. Revisa el an\u00e1lisis detallado y recomendaciones aqu\u00ed \ud83d\udc49 https://djar.co/vBsmF", "creation_timestamp": "2026-06-13T11:02:14.138854Z"}, {"uuid": "e015ee5a-4779-42c2-99ce-7e58c998a2b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mo6f7mfj5y2r", "content": "Splunk Enterprise (v10.2.4/10.0.7\u672a\u6e80)\u306b\u8a8d\u8a3c\u306a\u3057\u3067\u30b3\u30fc\u30c9\u5b9f\u884c\u53ef\u80fd\u306a\u8106\u5f31\u6027(CVE-2026-20253)\u3042\u308a\u3002\u653b\u6483\u8005\u306f\u4efb\u610f\u30d5\u30a1\u30a4\u30eb\u64cd\u4f5c\u3084\u30b3\u30fc\u30c9\u5b9f\u884c\u53ef\u80fd\u3002", "creation_timestamp": "2026-06-13T13:44:35.915786Z"}, {"uuid": "a38e749b-7774-4909-b2f9-95a4498206f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mo6fse272l2z", "content": "CVE-2026-20253 enables unauthenticated file operations and potential pre-authenticated remote code execution in vulnerable Splunk Enterprise versions via PostgreSQL sidecar endpoints.\n", "creation_timestamp": "2026-06-13T13:55:03.883127Z"}, {"uuid": "0912cdf1-4270-481c-aa9a-9bbf1b1c259b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html", "content": "Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution.\n\nThe vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring system.\n\n\"In Splunk Enterprise versions below 10.2.4 and 10.0.7, an unauthenticated user could create or truncate arbitrary", "creation_timestamp": "2026-06-13T11:23:03.000000Z"}, {"uuid": "d3f94e6e-8540-4832-bb87-ca0dd592bf20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mo7lqcnwqq2j", "content": "\u201cSecurity Tool is the Backdoor\u201d: Inside Splunk\u2019s CVSS 98 Nightmare (CVE-2026-20253)\n\nUnauthenticated Attackers Can Wreak Havoc via a PostgreSQL Sidecar\u2014Update Now. Introduction: A chilling irony has emerged in the cybersecurity world: a security tool designed to be your organization\u2019s eyes and ears\u2026", "creation_timestamp": "2026-06-14T01:13:58.492740Z"}, {"uuid": "75531da0-7774-4f93-b7b9-6cdcf5d36f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/PostgreSQL.activitypub.awakari.com.ap.brid.gy/post/3mo72jumcb5p2", "content": "Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) Three posts? In three days? Are we insane? We're home alone, there's no one to stop us, ...\n\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-13T20:09:11.793221Z"}, {"uuid": "ce3761a4-4264-4110-9c1c-69ce9d68bc76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20253", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116749583315802938", "content": "\ud83d\udcf0 Splunk Scrambles to Patch Critical 9.8 CVSS Flaw Allowing Unauthenticated RCE\n\ud83d\udea8 CRITICAL Splunk Enterprise flaw (CVE-2026-20253) allows unauthenticated RCE! CVSS 9.8. Attackers can execute code via an insecure PostgreSQL endpoint. On-premise versions 10.0.x and 10.2.x are vulnerable. Patch now! #Splunk #RCE #CyberSecurity\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/critical-splunk-enterprise-flaw-cve-2026-20253-allows-unauthenticated-rce/?utm_s\u2026", "creation_timestamp": "2026-06-14T17:14:27.256752Z"}, {"uuid": "0e2ca41b-c73d-4ecf-807a-8a472f527c26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mobbgmm3og2c", "content": "\ud83d\udea8 CRITICAL Splunk Enterprise flaw (CVE-2026-20253) allows unauthenticated RCE! CVSS 9.8. Attackers can execute code via an insecure PostgreSQL endpoint. On-premise versions 10.0.x and 10.2.x are vulnerable. Patch now! #Splunk #RCE #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-14T17:14:54.834617Z"}, {"uuid": "4c79c5d2-604c-4a5b-b7bd-be1726ca317a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mobkrgxdyr2x", "content": "Splunk released security updates for CVE-2026-20253, a 9.8 flaw in versions below 10.2.4 & 10.0.7. It allows unauthenticated file operations & remote code execution. Update now!", "creation_timestamp": "2026-06-14T20:02:01.409843Z"}, {"uuid": "1b1e7840-eab1-40d5-99a4-eb675097c61d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20253", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3moaoklb3gd2s", "content": "\ud83d\udccc Analysis of Splunk Enterprise CVE-2026-20253 Pre-Authentication RCE Vulnerability https://www.cyberhub.blog/article/27000-analysis-of-splunk-enterprise-cve-2026-20253-pre-authentication-rce-vulnerability", "creation_timestamp": "2026-06-14T11:37:06.186576Z"}, {"uuid": "56eae5f7-a224-41b3-8292-444a5de29f77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-20253.yaml", "content": "", "creation_timestamp": "2026-06-12T21:07:17.000000Z"}, {"uuid": "02367972-eb52-4467-8a68-fc64f18f584b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mob6v3fxvm2x", "content": "CVE-2026-20253 \u2014 Splunk Enterprise Unauthenticated RCE", "creation_timestamp": "2026-06-14T16:29:18.477595Z"}, {"uuid": "dadb2ce8-1f4b-4236-974e-d6b4091155c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0198", "content": "", "creation_timestamp": "2026-06-15T01:27:12.000000Z"}, {"uuid": "7d3e0ebb-684b-46f0-ba7c-3f994807c56d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/116751343889084181", "content": "\ud83d\udea8 ALERT - A critical Splunk Enterprise flaw can go from \u201cno login required\u201d to remote code execution.\nTracked as CVE-2026-20253, the bug carries a 9.8 CVSS score and affects vulnerable Splunk Enterprise servers through exposed PostgreSQL sidecar endpoints.\nThe exploit chain is now public.\nRead the full story: https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html", "creation_timestamp": "2026-06-15T00:42:10.016254Z"}, {"uuid": "d5f8d919-cdb2-4dba-9105-207600ab533c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/getpacketai.bsky.social/post/3modnqc3owd2d", "content": "Critical Splunk Enterprise pre-auth RCE discovered: researchers show why app-level auth matters when database security alone isn't enough. CVE-2026-20253\u2026\n\nhttps://www.reddit.com/r/netsec/comments/1u46wbb/why_use_applevel_auth_when_every_database_has/\n\n#cybersecurity #infosec", "creation_timestamp": "2026-06-15T16:00:23.031912Z"}, {"uuid": "bf34af53-bb3b-4304-ae71-b545c68301bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3modo4fgkeo2f", "content": "\ud83d\udccc CVE-2026-20253 - In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated user ... https://www.cyberhub.blog/cves/CVE-2026-20253", "creation_timestamp": "2026-06-15T16:07:09.321371Z"}]}