Splunk Enterprise contains a critical vulnerability that permits unauthenticated users to create or delete arbitrary files via an exposed PostgreSQL sidecar endpoint. The flaw requires immediate patching under CISA’s BOD 26-04 guidance, with a deadline of June 21, 2026. Organizations unable to apply patches should discontinue use or implement appropriate mitigations.

Why it matters in Western Canada: Splunk is widely deployed in Canadian public sector, healthcare, energy, and financial organizations for security monitoring and log analysis. An unauthenticated file manipulation vulnerability poses significant risk to data integrity and system stability across critical infrastructure sectors.

CVEs: CVE-2026-20253

---

Summary generated from the original advisory. Read the full source: cisa-kev