Splunk Enterprise Unauthenticated Arbitrary File Operations/RCE (CVE-2026-20253): Overview and Takeaways
Splunk disclosed CVE-2026-20253 on June 10, 2026, affecting Splunk Enterprise versions in the 10.0.x and 10.2.x branches. The flaw stems from a PostgreSQL sidecar service endpoint that completely…
Read the full articleYou might also wanna read

Critical RCE Vulnerability (CVE-2026-20251) Found in Splunk Products via Unsafe Deserialization
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.

WAF - WAF Release - 2025-10-06
This week’s highlights prioritise an emergency Oracle E-Business Suite RCE rule deployed to block active, high-impact exploitation. Also add
Microsoft patches high-severity SharePoint RCE vulnerability CVE-2026-45659
A high-severity remote code execution vulnerability (CVE-2026-45659) in SharePoint may be exploited in low-complexity attacks.

SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
CISA has added SharePoint CVE-2026-45659 to its Known Exploited Vulnerabilities catalog after evidence showed active exploitation in the wil
Unpacking CVE-2025-55182: React Server Components RCE Exploit Deep Dive and SBOM-Driven Identification
A critical pre-authenticated remote code execution vulnerability (CVE-2025-55182) was disclosed in React Server Components, affecting Next.j

WAF - WAF Release - 2025-05-27
This week’s roundup covers nine vulnerabilities, including six critical RCEs and one dangerous file upload. Affected platforms span cloud se

Comments
Sign in to join the conversation.
No comments yet. Be the first.