CVE-2026-20254 | Splunk Enterprise/Cloud Platform CSS injection (SVD-2026-0604)

June 10, 2026 Yanac

A vulnerability was found in Splunk Enterprise and Cloud Platform and classified as critical. This issue affects some unknown processing of the component CSS Handler. Such manipulation leads to injection.

This vulnerability is referenced as CVE-2026-20254. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More