Splunk has released security updates to address multiple vulnerabilities. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege and cross-site scripting on the targeted system. Issues affect:

• Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6;

• Splunk Cloud Platform versions below 9.3.2411.102, 9.3.2408.111 and 9.2.2406.118;

• Splunk Universal Forwarder for Windows versions below 9.4.2, 9.3.4, 9.2.6, and 9.1.9.

More information on vulnerabilities and updates is available in the Splunk security advisories:

• SVD-2025-0601

• SVD-2025-0602