{"cve":{"cve_id":"CVE-2026-20255","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00245,"epss_percentile":0.15382,"epss_as_of":"2026-06-23","description":"In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious classic dashboard that exfiltrates sensitive data to an external server.  \n\nThe vulnerability exists because URL validation on the external content dialog is incomplete, which can allow for requests to untrusted domains when a user interacts with a crafted dashboard.","published_at":"2026-06-10T17:16:00.962000Z","last_modified_at":null,"cvss_v3_score":5.7,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-20"],"nvd_references":["https://advisory.splunk.com/advisories/SVD-2026-0605"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:29:03.077147Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"R","value_label":"Required"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"N","value_label":"None"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"splunk","vendor_name":"Splunk","product_slug":"splunk-cloud-platform","product_name":"Splunk Cloud Platform","version_start":"9.3.2411","version_start_inclusive":true,"version_end":"9.3.2411.132","version_end_inclusive":false,"cpe23_uri":"cve5:splunk:splunk-cloud-platform:9.3.2411:9.3.2411.132"},{"vendor_slug":"splunk","vendor_name":"Splunk","product_slug":"splunk-cloud-platform","product_name":"Splunk Cloud Platform","version_start":"10.3.2512","version_start_inclusive":true,"version_end":"10.3.2512.13","version_end_inclusive":false,"cpe23_uri":"cve5:splunk:splunk-cloud-platform:10.3.2512:10.3.2512.13"},{"vendor_slug":"splunk","vendor_name":"Splunk","product_slug":"splunk-cloud-platform","product_name":"Splunk Cloud Platform","version_start":"10.2.2510","version_start_inclusive":true,"version_end":"10.2.2510.15","version_end_inclusive":false,"cpe23_uri":"cve5:splunk:splunk-cloud-platform:10.2.2510:10.2.2510.15"},{"vendor_slug":"splunk","vendor_name":"Splunk","product_slug":"splunk-cloud-platform","product_name":"Splunk Cloud Platform","version_start":"10.1.2507","version_start_inclusive":true,"version_end":"10.1.2507.23","version_end_inclusive":false,"cpe23_uri":"cve5:splunk:splunk-cloud-platform:10.1.2507:10.1.2507.23"},{"vendor_slug":"splunk","vendor_name":"Splunk","product_slug":"splunk-enterprise","product_name":"Splunk Enterprise","version_start":"10.2","version_start_inclusive":true,"version_end":"10.2.4","version_end_inclusive":false,"cpe23_uri":"cve5:splunk:splunk-enterprise:10.2:10.2.4"},{"vendor_slug":"splunk","vendor_name":"Splunk","product_slug":"splunk-enterprise","product_name":"Splunk Enterprise","version_start":"10.0","version_start_inclusive":true,"version_end":"10.0.7","version_end_inclusive":false,"cpe23_uri":"cve5:splunk:splunk-enterprise:10.0:10.0.7"},{"vendor_slug":"splunk","vendor_name":"Splunk","product_slug":"splunk-enterprise","product_name":"Splunk Enterprise","version_start":"9.4","version_start_inclusive":true,"version_end":"9.4.12","version_end_inclusive":false,"cpe23_uri":"cve5:splunk:splunk-enterprise:9.4:9.4.12"},{"vendor_slug":"splunk","vendor_name":"Splunk","product_slug":"splunk-enterprise","product_name":"Splunk Enterprise","version_start":"9.3","version_start_inclusive":true,"version_end":"9.3.13","version_end_inclusive":false,"cpe23_uri":"cve5:splunk:splunk-enterprise:9.3:9.3.13"}],"exploit_refs":[],"news":[],"references":[{"url":"https://advisory.splunk.com/advisories/SVD-2026-0605","source_type":"VENDOR_ADVISORY","tags":["advisory"]}],"timeline":[{"type":"published","at":"2026-06-10T17:16:00.962000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:50:54.673227Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:50:54.673227Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:50:54.673227Z","label":"CVSS score revised","source":"cvelistv5"}]}