Unrated severityNVD Advisory· Published Feb 18, 2026· Updated Feb 18, 2026
Risky Commands Safeguards Bypass through preloaded Data Models due to Path Traversal vulnerability in Splunk Enterprise
CVE-2026-20137
Description
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.5, 9.3.7, and 9.2.9, and Splunk Cloud Platform versions below 10.1.2507.0, 10.0.2503.9, 9.3.2411.112, and 9.3.2408.122, a low-privileged user who does not hold the "admin" or "power" Splunk roles could bypass the SPL safeguards for risky commands when they create a Data Model that contains an injected SPL query within an object. They can bypass the safeguards by exploiting a path traversal vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<9.3.2408.122, <9.3.2411.112, <10.0.2503.9, <10.1.2507.0+ 1 more
- (no CPE)range: <9.3.2408.122, <9.3.2411.112, <10.0.2503.9, <10.1.2507.0
- (no CPE)range: 10.1.2507
<9.2.9, <9.3.7, <9, <9.4.5, <10.0.3, <10.2.0+ 1 more
- (no CPE)range: <9.2.9, <9.3.7, <9, <9.4.5, <10.0.3, <10.2.0
- (no CPE)range: 10.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.