Splunk Enterprise
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Splunk Enterprise.
By the Year
In 2026 there have been 0 vulnerabilities in Splunk Enterprise. Splunk Enterprise did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 8.00 |
It may take a day or so for new Splunk Enterprise vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Splunk Enterprise Security Vulnerabilities
XSLT RCE in Splunk Enterprise <9.0.7/9.1.2
CVE-2023-46214
8 - High
- November 16, 2023
In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
aka Blind XPath Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Splunk Enterprise or by Splunk? Click the Watch button to subscribe.
