> TritonInfoSec News
Home / Jun 20, 2026 / Story
0
#3 BleepingComputer general June 19, 2026 at 10:39 UTC

CISA: Splunk Enterprise flaw actively exploited, patch by Sunday

By Sergiu Gatlan

AI Summary

CISA added a critical Splunk Enterprise vulnerability to its Known Exploited Vulnerabilities catalog and mandated that U.S. federal agencies patch by Sunday, June 22, 2026, indicating active exploitation in the wild. The flaw resides in Splunk's AI Toolkit and enables OS command injection. Organizations running Splunk Enterprise should prioritize this patch given active exploitation and the prevalence of Splunk in SOC environments.

Read full article → https://www.bleepingcomputer.com/news/security/cis…

Relevance score: 87.0/100

# More from June 20

  1. 1
    CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices The Hacker News
  2. 2
    Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites The Hacker News
  3. 4
    Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain The Hacker News
  4. 5
    Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data The Hacker News
  5. 6
    F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution The Hacker News
  6. 7
    Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2 The Hacker News
  7. 8
    The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes The Hacker News
  8. 9
    Texas govt data breach exposes over 3 million driver’s licenses BleepingComputer
  9. 10
    Critical Command Execution Vulnerability Patched in Cisco ISE SecurityWeek