What is CVE-2026-20251?

CVE-2026-20251 is a high-severity vulnerability, classified under Deserialization of Untrusted Data. CVSS score: 8.8/10. Published 2026-06-10.

How severe is CVE-2026-20251?

High severity. CVSS v3 base score is 8.8 out of 10.

CVE-2026-20251

CVE-2026-20251

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, and Splunk Secure Gateway versions below 3.10.6, 3.9.20, and 3.8.67, a…

Vulnerability class: Insecure Deserialization

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Weakness classification (CWE)

CWE-502 — Deserialization of Untrusted Data

References

psirt@cisco.com

Frequently asked questions

What is CVE-2026-20251?: CVE-2026-20251 is a high-severity vulnerability, classified under Deserialization of Untrusted Data. CVSS score: 8.8/10. Published 2026-06-10.
How severe is CVE-2026-20251?: High severity. CVSS v3 base score is 8.8 out of 10.