CVE-2026-20239
HIGH NVDCVSS Score
7.5
Severity
HIGH
Source
NVD
Published
May 20, 2026
Description
In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, and 10.0.2503.13, a user with a role that has access to the `_internal` index could view session cookies and response bodies that contain sensitive data.