TECH NEWS

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

Vulnerabilities

CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution.

A critical Splunk Enterprise vulnerability is being exploited in attacks only days after its public disclosure, and organizations have been urged to patch it immediately.

The vulnerability is tracked as CVE-2026-20253 and Splunk’s advisory says it can be exploited by an unauthenticated attacker to create or truncate arbitrary files via a PostgreSQL sidecar service endpoint.

“The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials,” Splunk said in its advisory.

The security hole affects Splunk Enterprise versions 10.2 before 10.2.4 and 10.0 before 10.0.7. Cisco-owned Splunk announced the availability of patches on June 10.

Two days after its disclosure, researchers at cybersecurity firm WatchTowr demonstratedhow CVE-2026-20253 can be exploited by an unauthenticated attacker for remote code...

Copyright of this story solely belongs to securityweek.com. To see the full text click HERE

https://platform.theverge.com/wp-content/uploads/sites/2/2026/04/STK155_OPEN_AI_CVirginia_C.jpg?quality=90&strip=all&crop=0%2C10.732984293194%2C100%2C78.534031413613&w=1200

Barret Zoph leaves OpenAI again five months after rejoining in January; Zoph initially left OpenAI in 2024 to serve as Thinking Machines Lab co-founder and CTO

Sponsor Posts Fast, affordable law for startups — Soxton automates startup legal so founders can move faster and sleep better. We handle incorporation, advisor, employment and commercial contracts. Join the waitlist for early access! Accelerate AI Adoption at F5's AI Virtual Summit — Learn how to architect, secure, and scale

https://www.sciencedaily.com/images/1920/spacecraft-satellite-orbiting-earth.webp

SpaceX wants to build AI data centers in space. Will it work?

Imagine if one company could become the railroad, electric utility and cloud-computing provider of the emerging space economy. That potential fueled excitement around the long-anticipated initial public offering of SpaceX. Investors are not simply betting on rockets anymore. They are betting on an entire orbital ecosystem. Among the most ambitious

https://www.cnet.com/a/img/resize/b24f541def97e6dcdaa1fb4607182d8b5dbfc5c1/hub/2026/06/18/577e60d6-4340-4608-b811-b1fa85b742fd/10-bne-suprise-01.png?auto=webp&fit=crop&height=675&width=1200

Grave Seasons Lets You Date the Serial Killer Plaguing Your Cute Town

Nothing says romance like the imminent risk of death -- either to your crush or to whom they've targeted for their next kill. Grave Seasons is the debut game from studio Perfect Garbage Studios, which I tried out at last year's Summer Game Fest with the

Barret Zoph is out at OpenAI again after just five months

Hayden Field is The Verge’s senior AI reporter. An AI beat reporter for more than five years, her work has also appeared in CNBC, MIT Technology Review, Wired UK, and other outlets. Five months after returning to OpenAI, Barret Zoph — the company’s head of enterprise AI sales — has

Vulnerabilities

Read more

Barret Zoph leaves OpenAI again five months after rejoining in January; Zoph initially left OpenAI in 2024 to serve as Thinking Machines Lab co-founder and CTO

SpaceX wants to build AI data centers in space. Will it work?

Grave Seasons Lets You Date the Serial Killer Plaguing Your Cute Town

Barret Zoph is out at OpenAI again after just five months