VDB

CVE-2026-20144

CVE-2026-20144 PUBLISHED CVSS 6.800000190734863 MEDIUM

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster (SHC) deployment who holds a role with access to the the Splunk _internal index could view the Security Assertion Markup Language (SAML) configurations for Attribute query requests (AQRs) or Authentication extensions in plain text within the conf.log file, depending on which feature is configured.

EPSS 0.08% · 24.0th percentile

Risk Scores

CVSS 3.1
6.800000190734863
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.08%
24.0th percentile

Affected Products

VendorProductVersions
splunksplunk_cloud_platform10.1.2507, 9.3.2411, 10.0.2503
SplunkSplunk Cloud Platform10.1.2507, 9.3.2411, 10.0.2503
SplunkSplunk Enterprise9.2, 10.0, 9.3
splunksplunk9.3.0, 9.4.0, 9.2.0

Timeline

  • Oct 8, 2025 CVE ID Reserved
  • Feb 18, 2026 CVE Published
  • Feb 19, 2026 EPSS Score
  • Feb 21, 2026 EPSS Score
  • Feb 22, 2026 EPSS Score
  • Feb 24, 2026 EPSS Score
  • Feb 26, 2026 EPSS Score
  • Feb 26, 2026 CVE Updated
  • Feb 28, 2026 EPSS Score
  • Mar 1, 2026 EPSS Score
  • Mar 3, 2026 EPSS Score
  • Mar 5, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›