What is CVE-2026-20260?

CVE-2026-20260 is a medium-severity vulnerability, classified under Improper Output Neutralization for Logs. CVSS score: 4.3/10. Published 2026-06-10.

How severe is CVE-2026-20260?

Medium severity. CVSS v3 base score is 4.3 out of 10.

CVE-2026-20260

CVE-2026-20260

In Splunk SOAR (Security Orchestration, Automation, and Response) versions below 8.5.0, an unauthenticated attacker could inject American National Standards Institute (ANSI) escape codes into SOAR application log files through specially cr…

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N.

Weakness classification (CWE)

CWE-117 — Improper Output Neutralization for Logs

References

psirt@cisco.com

Frequently asked questions

What is CVE-2026-20260?: CVE-2026-20260 is a medium-severity vulnerability, classified under Improper Output Neutralization for Logs. CVSS score: 4.3/10. Published 2026-06-10.
How severe is CVE-2026-20260?: Medium severity. CVSS v3 base score is 4.3 out of 10.