IOC Radar
TLP:WHITE1 IOC

Critical Splunk Enterprise Flaw Enables Unauthenticated Remote Code Execution

CP
Cyber Press
Published June 13, 2026Original Report

Diamond Model

Attack Flow7 steps · MITRE ATT&CK mapped

Initial AccessTA0001·T1190
1/7
Exploit Public-Facing Application
ActionExploit public-facing application
Attackers exploit a vulnerability in Splunk Enterprise's PostgreSQL Sidecar Service API, accessible via the main web application proxy.

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise1

TypeIndicatorConfidenceScoreFirst Seen
CVECVE-2026-20253
exploitintel-blogvulnerability
Medium
54
Jun 12, 26

IOC Relationship Graph

IOC Relationship Graph1 total IOCs
CVE
CVE1REPORTCritical Splunk Enterprise
scroll to zoom · drag to pan · click IOC to open