Splunk released eight security advisories on April 15, 2026, addressing vulnerabilities ranging from low-severity third-party package updates to critical flaws across Splunk Enterprise, Splunk Cloud Platform, and the newly launched MCP Server app.
Security teams relying on Splunk for SIEM and observability operations must act immediately, as at least three of the disclosed vulnerabilities present an active exploitation risk, including a Remote Code Execution (RCE) vector accessible to low-privileged users.
Critical RCE & Token Theft Vulnerabilities
Splunk’s April 2026 patch batch (SVD-2026-0401 through SVD-2026-0408) spans four product lines and covers multiple vulnerability classes, including improper input validation, improper access control, sensitive information disclosure, and critical third-party dependency issues. The advisories were published simultaneously on April 15, 2026, as part of Splunk’s coordinated disclosure process.
The most dangerous of the eight advisories involve vulnerabilities that allow low-privileged attackers to perform RCE, expose session tokens in cleartext, and manipulate Data Model Acceleration settings, all without requiring administrator-level access in some scenarios.
Two advisories, SVD-2026-0408 (Splunk Operator for Kubernetes Add-on) and SVD-2026-0406 (Splunk IT Service Intelligence / ITSI), carry a Critical severity rating and address vulnerabilities inherited from outdated third-party packages bundled within those products.
While Splunk has not linked specific CVEs to these two advisories in the published data, Critical-rated third-party dependency flaws commonly introduce risks such as arbitrary code execution, privilege escalation, and denial-of-service through known upstream exploits.
Customers running ITSI or Kubernetes-based Splunk deployments should treat these updates as urgent. SVD-2026-0405, which addressed third-party package updates within Splunk Enterprise, was rated High, reinforcing the growing concern about supply chain security in enterprise observability platforms.
RCE via Temporary File Mishandling (CVE-2026-20204)
SVD-2026-0403 is among the most technically severe vulnerabilities disclosed in this batch. Tracked as CVE-2026-20204 with a CVSSv3.1 score of 7.1 (High), this flaw affects Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, along with multiple Splunk Cloud Platform builds.
A low-privileged user (one who does not hold the admin or power Splunk roles) could potentially achieve Remote Code Execution by uploading a malicious file to the $SPLUNK_HOME/var/run/splunk/apptemp directory, because temporary files in the apptemp directory are improperly handled and insufficiently isolated.
This makes the flaw particularly dangerous in multi-tenant environments where low-trust users share platform access. Tenable has already flagged a Nessus plugin (ID 306556) for detection of this vulnerability.
Session Token Exposure in Splunk MCP Server (CVE-2026-20205)
SVD-2026-0407 discloses a sensitive information disclosure vulnerability in the Splunk MCP Server app, Splunk’s recently released Model Context Protocol integration, tracked as CVE-2026-20205, with a CVSSv3.1 score of 7.2 (High).
In MCP Server app versions below 1.0.3, a user holding a role with access to the _internal index, or possessing the high-privilege mcp_tool_admin capability, could view user sessions and authorization tokens in clear text within log files.
Although exploitation requires either local log file access or administrative access to internal indexes, the exposure of cleartext authentication tokens represents a critical post-compromise risk, particularly as AI-integrated observability tools like MCP Server gain wider enterprise adoption.
The fix is to upgrade to Splunk MCP Server app version 1.0.3 or higher and restrict _internal index access to administrator-level roles only.
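Until the MCP Server app is upgraded, logs already written by vulnerable versions may still carry cleartext tokens. The following Python script is an added example (not code from Splunk or the MCP Server app) that scans log lines for the two common places a bearer or session token appears and redacts them before the lines are forwarded anywhere. The sample log lines, the field names such as session_key, and the exact message layout are constructed assumptions for illustration; the real MCP Server log format is not documented on this page.

```python
import re

# Two generic token shapes (constructed assumptions, not Splunk's documented format):
#  1. an HTTP Authorization header carrying a Bearer or Splunk session token
#  2. a key=value field whose key names a token or session key
TOKEN_PATTERNS = [
    ("authorization-header",
     re.compile(r"(Authorization:\s*(?:Bearer|Splunk)\s+)(\S+)", re.IGNORECASE)),
    ("kv-token",
     re.compile(r"((?:session[_-]?key|token)=)([^\s,;&]+)", re.IGNORECASE)),
]

# Constructed sample lines in the shape a request log might take.
SAMPLE_LOG = [
    "2026-04-15T10:00:01Z INFO mcp_server request tool=search user=alice "
    "Authorization: Bearer eyJhbGciOi.CONSTRUCTED.token",
    "2026-04-15T10:00:02Z INFO mcp_server session opened user=bob "
    "session_key=abc123constructed",
    "2026-04-15T10:00:03Z INFO mcp_server request tool=search user=alice status=200",
]


def scan_line(line: str) -> list[str]:
    """Return the kinds of token exposure found on one line (empty if none)."""
    return [kind for kind, pattern in TOKEN_PATTERNS if pattern.search(line)]


def scan_log(lines: list[str]) -> list[tuple[int, str]]:
    """Return (line index, exposure kind) for every exposed token in the log."""
    hits = []
    for idx, line in enumerate(lines):
        for kind in scan_line(line):
            hits.append((idx, kind))
    return hits


def redact_line(line: str) -> str:
    """Replace the token value with <REDACTED>, keeping the surrounding context."""
    for _, pattern in TOKEN_PATTERNS:
        line = pattern.sub(lambda m: m.group(1) + "<REDACTED>", line)
    return line


def redact_log(lines: list[str]) -> list[str]:
    return [redact_line(line) for line in lines]


if __name__ == "__main__":
    for idx, kind in scan_log(SAMPLE_LOG):
        print(f"line {idx}: {kind}")
    for line in redact_log(SAMPLE_LOG):
        print(line)
```

Running the scan over a day of MCP Server logs tells you whether tokens have already been written in clear text (and therefore whether those sessions should be invalidated); running the redaction in a forwarding pipeline limits further spread. Neither replaces the upgrade to 1.0.3.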
Access Control and Input Validation Gaps
SVD-2026-0402 (CVE-2026-20203, CVSS 4.3) reveals an improper access control flaw in Data Model Acceleration within Splunk Enterprise.
A low-privileged user with write permissions to the app but without the accelerate_datamodel capability could toggle Data Model Acceleration on or off, potentially disrupting accelerated searches and impacting SIEM detection pipelines.
Affected Splunk Enterprise versions span 9.3.0 through 10.2.1 across multiple branch lines. SVD-2026-0401 (CVE-2026-20202, CVSS 6.6) exposes an improper input validation issue during user account creation in Splunk Enterprise.
A user holding the edit_user capability could craft a username containing null bytes or non-UTF-8 percent-encoded characters, leading to inconsistent storage conversion and account management failures, including the inability to edit or delete those users afterward.
Fixes are available in versions 10.2.2, 10.0.5, 9.4.10, 9.3.11 and the corresponding Splunk Cloud Platform builds; Splunk recommends reviewing its security advisories for details.
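The two input classes named for CVE-2026-20202 (null bytes and percent-encoded bytes that are not valid UTF-8) are exactly what a username validator in front of an account-creation API should reject before anything is stored. The following Python function is an added example of such a validator; it is not Splunk's code and makes no claim about how Splunk decodes usernames internally. The rule that a username must be printable and contain no whitespace is an assumption chosen for the example.

```python
import re
from urllib.parse import unquote_to_bytes

# A '%' is only a valid escape when followed by exactly two hex digits.
_PCT_ESCAPE = re.compile(r"%[0-9A-Fa-f]{2}")


def validate_username(raw: str) -> tuple[bool, str]:
    """Validate a username as submitted (possibly percent-encoded).

    Returns (True, canonical_name) when the name is acceptable, otherwise
    (False, reason). Rejects raw and percent-encoded null bytes, percent
    sequences that do not decode to valid UTF-8, malformed escapes, and
    control or whitespace characters (the last rule is this example's own).
    """
    if "\x00" in raw:
        return False, "raw null byte"
    # Strip well-formed escapes; any '%' left over is malformed.
    if "%" in _PCT_ESCAPE.sub("", raw):
        return False, "malformed percent-encoding"
    decoded_bytes = unquote_to_bytes(raw)
    if b"\x00" in decoded_bytes:
        return False, "percent-encoded null byte"
    try:
        decoded = decoded_bytes.decode("utf-8")
    except UnicodeDecodeError:
        return False, "percent-encoded bytes are not valid UTF-8"
    if not decoded or not decoded.isprintable() or any(c.isspace() for c in decoded):
        return False, "empty, control or whitespace characters"
    # Store and compare the decoded form so encoded and decoded submissions
    # of the same name map to one stored identity.
    return True, decoded


if __name__ == "__main__":
    # Constructed sample inputs covering the cases the advisory describes.
    for sample in ["alice", "ali%00ce", "ali%FFce", "j%C3%BCrgen", "al%ice", "alice\x00"]:
        print(repr(sample), "->", validate_username(sample))
```

Returning the decoded canonical form (and using it as the stored key) is the part that prevents the "inconsistent storage conversion" the advisory describes: a name that arrived encoded and one that arrived decoded must resolve to the same account, or the later edit and delete operations will not find it.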
Recommended Actions
Security teams should immediately prioritize the following steps:
- Upgrade Splunk Enterprise to versions 10.2.2, 10.0.5, 9.4.10, or 9.3.11 to remediate CVE-2026-20202, CVE-2026-20203, and CVE-2026-20204.
- Upgrade Splunk MCP Server app to version 1.0.3 or later, and restrict access to the _internal index to administrator-only roles.
- Apply ITSI and Kubernetes Operator updates immediately to close the critical third-party dependency gaps.
- Monitor apptemp directory activity and review audit logs for unusual file uploads by low-privileged users.
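Because the fix for CVE-2026-20202, CVE-2026-20203 and CVE-2026-20204 lands in a different release on each supported branch, a simple "is my version above X" check gets it wrong (9.4.10 is patched while 10.0.4 is not). The following Python script is an added example, not Splunk tooling, that assesses an inventory of Splunk Enterprise versions branch by branch against the four fixed releases named in the advisories. The inventory and its host names are constructed; branches for which this page lists no fixed release (for example 10.1.x) are reported for manual review rather than guessed at.

```python
from typing import Optional

# Fixed releases named in SVD-2026-0401 through SVD-2026-0403, keyed by branch.
FIXED_VERSIONS = {
    (10, 2): (10, 2, 2),
    (10, 0): (10, 0, 5),
    (9, 4): (9, 4, 10),
    (9, 3): (9, 3, 11),
}

# Constructed inventory: host -> version string as reported by the instance.
SAMPLE_INVENTORY = {
    "sh-01": "10.2.1",
    "idx-01": "9.4.10",
    "idx-02": "9.3.9 (build constructed)",
    "legacy-01": "10.1.3",
}


def parse_version(version: str) -> tuple[int, ...]:
    """'10.2.1' -> (10, 2, 1); ignores anything after the first whitespace."""
    core = version.strip().split()[0]
    parts = tuple(int(p) for p in core.split("."))
    if len(parts) < 3:
        raise ValueError(f"expected major.minor.patch, got {version!r}")
    return parts


def assess(version: str) -> str:
    """Return 'patched', 'vulnerable', or 'no-fixed-release-listed' for one version."""
    v = parse_version(version)
    fixed = FIXED_VERSIONS.get(v[:2])
    if fixed is None:
        return "no-fixed-release-listed"
    # Tuple comparison is lexicographic, so 9.3.9 < 9.3.11 is handled correctly.
    return "patched" if v >= fixed else "vulnerable"


def upgrade_plan(inventory: dict[str, str]) -> dict[str, tuple[str, Optional[str]]]:
    """host -> (status, target version to upgrade to, or None)."""
    plan = {}
    for host, version in inventory.items():
        status = assess(version)
        target = None
        if status == "vulnerable":
            target = ".".join(str(n) for n in FIXED_VERSIONS[parse_version(version)[:2]])
        plan[host] = (status, target)
    return plan


if __name__ == "__main__":
    for host, (status, target) in upgrade_plan(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}" + (f" -> upgrade to {target}" if target else ""))
```

The inventory would normally come from the servers' own version reporting rather than a hand-written dictionary; the branch table is the part worth keeping in sync with the advisories as further releases ship.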
Frequently Asked Questions
Q1: Who is affected by CVE-2026-20204 (RCE via apptemp)?
Any Splunk Enterprise deployment running versions below 10.2.2, 10.0.5, 9.4.10, or 9.3.11 that allows low-privileged users to upload files is vulnerable.
Q2: Does CVE-2026-20205 impact all Splunk users?
No, it only impacts organizations that have installed the Splunk MCP Server app; users who have never deployed it face no risk.
Q3: Can CVE-2026-20203 cause data loss or outages?
Yes, unauthorized toggling of Data Model Acceleration can break accelerated search pipelines and disrupt SIEM detection workflows that depend on those models.
Q4: Is there a workaround if patching Splunk Enterprise immediately is not possible?
Splunk currently lists no official mitigations for CVE-2026-20202, CVE-2026-20203, or CVE-2026-20204. Upgrading to fixed versions remains the only recommended resolution.
Site: http://thecybrdef.com