Third-Party Package Updates in Splunk Enterprise - May 2026

Advisory ID: SVD-2026-0505

CVE ID:  Multiple

Published: 2026-05-20

Last Update: 2026-05-20

Description

Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Enterprise versions 10.2.3, 10.0.6, 9.4.11, 9.3.12, and higher.

PackageRemediationCVESeverity
[golang.org/x/net](http://golang.org/x/net) 1Upgraded golang net in `spl2-orchestrator` binary to version 0.52.0MultipleHigh
golang2Upgraded golang to Go compiler in `splunk-edge` binary to version go1.25.8MultipleCritical
[github.com/expr-lang/expr](http://github.com/expr-lang/expr) 3Upgraded golang expr-lang to version 1.17.8CVE-2025-68156High

1 Upgraded golang net to version 0.52.0 at /opt/splunk/bin/spl2-orchestrator to remedy CVE-2025-22872, CVE-2025-47911, CVE-2025-58190, and CVE-2026-27141 in Splunk Enterprise version 9.4.11. Splunk Enterprise versions 10.2.x, 10.0.x and 9.3.x are not affected.

2 Upgraded golang in splunk-edge binary to Go compiler version go1.25.8 to remedy CVE-2025-68121, CVE-2025-61732, CVE-2025-61731, CVE-2025-61726 at opt/splunk/etc/apps/splunk_pipeline_builders/binaries/splunk-edge/ in Splunk Enterprise versions 10.0.6 and 10.2.3. splunk-edge binary is not present in Splunk Enterprise versions 9.4.x and 9.3.x.

3 Upgraded golang expr-lang to version 1.17.8 to remedy CVE-2025-68156 at opt/splunk/etc/apps/splunk_pipeline_builders/in Splunk Enterprise.

Solution

Upgrade Splunk Enterprise to versions 10.2.3, 10.0.6, 9.4.11, 9.3.12, or higher.

Product Status

ProductBase VersionAffected VersionFix Version
Splunk Enterprise10.2Below 10.2.310.2.3
Splunk Enterprise10.010.0.0 to 10.0.510.0.6
Splunk Enterprise9.49.4.0 to 9.4.109.4.11
Splunk Enterprise9.39.3.0 to 9.3.119.3.12

Severity

For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.