{"data":{"id":"d37258e9-dfab-423a-81a6-9919c45edf51","title":"CVE-2026-20253: Splunk Enterprise Missing Authentication for Critical Function Vulnerability","summary":"Splunk Enterprise has a critical security flaw where a PostgreSQL sidecar service endpoint (a supporting service that handles database connections) doesn't require authentication (proof of identity), allowing an attacker without credentials to create or delete arbitrary files. This vulnerability is currently being exploited in real attacks in the wild.","solution":"N/A -- no mitigation discussed in source. The advisory instructs users to apply mitigations \"in accordance with vendor instructions\" and follow CISA BOD 26-04 guidance, but does not specify what those mitigations or patches are. Users should consult the Splunk advisory (https://advisory.splunk.com/advisories/SVD-2026-0603) for specific vendor-provided fixes.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-20253","publishedAt":"2026-06-18T00:00:00.000Z","cveId":"CVE-2026-20253","cweIds":["CWE-306"],"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Splunk Enterprise"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"active","epssScore":0.01731,"patchAvailable":true,"disclosureDate":"2026-06-18T00:00:00.000Z","capecIds":["CAPEC-115"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["integrity","availability"],"aiComponentTargeted":null,"llmSpecific":false,"classifierConfidence":0.7,"researchCategory":null,"atlasIds":null}}