Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Splunk Resolves Vulnerabilities Exposing Data and Causing DoS

Splunk Resolves Vulnerabilities Exposing Data and Causing DoS

Posted on May 22, 2026 By CWS

Splunk has rolled out crucial security updates to tackle several vulnerabilities that could lead to denial-of-service (DoS) conditions and expose sensitive data. These updates impact Splunk Enterprise, Splunk Cloud Platform, and the Splunk AI Toolkit.

Security Flaws Disclosed

The vulnerabilities, made public on May 20, 2026, include CVE-2026-20238, CVE-2026-20239, and CVE-2026-20240. These flaws could potentially disrupt services and compromise data.

AI Toolkit Access Issue

A medium-severity issue, identified as CVE-2026-20238, affects versions of the Splunk AI Toolkit below 5.7.3. The flaw arises from misconfigured role inheritance, which improperly modifies default user roles, potentially allowing unauthorized access to sensitive data.

Splunk has addressed this issue in version 5.7.3. Until updates can be applied, organizations can disable the AI Toolkit or manually adjust the authorization.conf file. However, this workaround may inadvertently broaden access to certain indices, necessitating further restrictions.

Data Exposure from Logs

The vulnerability CVE-2026-20239, rated high-severity, impacts Splunk Enterprise and Splunk Cloud Platform due to poor output sanitization. Attackers could exploit this flaw to access sensitive log information, including session cookies and HTTP responses.

Splunk advises updating to the latest versions and restricting access to critical indexes to prevent unauthorized data retrieval.

Denial-of-Service Risk

Another high-severity flaw, CVE-2026-20240, involves improper input validation in the Splunk Archiver’s coldToFrozen.sh script. This vulnerability could allow low-privileged users to disrupt service by renaming essential directories.

To mitigate this risk, affected organizations should apply the latest patches or temporarily disable the Splunk Archiver app, acknowledging that this may impact data archiving processes.

Recommendations and Future Measures

Splunk strongly recommends updating all affected components and reviewing access controls to ensure security. These steps are essential in maintaining a secure environment and safeguarding against potential exploits.

Proper configuration and timely updates are pivotal in mitigating the risks associated with these vulnerabilities. Security professionals must remain vigilant and proactive in managing potential threats.

Cyber Security News Tags:access control, AI toolkit, cyber threats, Cybersecurity, data exposure, denial of service, input validation, logging security, patch management, security updates, Splunk, Splunk Cloud, Splunk Enterprise, system updates, Vulnerabilities

Post navigation

Previous Post: Major Cybercrime VPN Service Disrupted by Authorities
Next Post: Grafana Confirms Data Breach from TanStack Supply Chain Attack

Related Posts

MonetaStealer Malware Powered with AI Code Attacking macOS Users in the Wild MonetaStealer Malware Powered with AI Code Attacking macOS Users in the Wild Cyber Security News
Notepad++ Vulnerability Let Attackers Hijack Network Traffic to Install Malware via Updates Notepad++ Vulnerability Let Attackers Hijack Network Traffic to Install Malware via Updates Cyber Security News
Threat Actors Weaponize LNK Files With New REMCOS Variant That Bypasses AV Engines Threat Actors Weaponize LNK Files With New REMCOS Variant That Bypasses AV Engines Cyber Security News
Multiple Django Vulnerabilities Enable SQL injection and DoS Attack Multiple Django Vulnerabilities Enable SQL injection and DoS Attack Cyber Security News
Palo Alto Networks Firewall Vulnerability Allows Unauthenticated Attackers to Trigger Denial of Service Palo Alto Networks Firewall Vulnerability Allows Unauthenticated Attackers to Trigger Denial of Service Cyber Security News
Critical Flaw in KMW CCTV Allows Unauthorized Access Critical Flaw in KMW CCTV Allows Unauthorized Access Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Phishing Campaign Exploits AnyDesk for Espionage
  • GitLost Flaw Exposes GitHub Repos via AI Workflow
  • VECT and TeamPCP: Unveiling the Ransomware Supply Chain Strategy
  • Global Expansion of Gentlemen Ransomware Threats
  • Critical Flaw in Google Dialogflow CX Exposed

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Phishing Campaign Exploits AnyDesk for Espionage
  • GitLost Flaw Exposes GitHub Repos via AI Workflow
  • VECT and TeamPCP: Unveiling the Ransomware Supply Chain Strategy
  • Global Expansion of Gentlemen Ransomware Threats
  • Critical Flaw in Google Dialogflow CX Exposed

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark