Third-Party Package Updates in Splunk Universal Forwarder - May 2026
Advisory ID: SVD-2026-0506
CVE ID: Multiple
Published: 2026-05-20
Last Update: 2026-05-20
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Universal Forwarder versions 9.4.11, and higher.
| Package | Remediation | CVE | Severity |
|---|---|---|---|
| rsync1 | Upgraded rsync to version 3.4.1 | Multiple | Critical |
1 Upgraded rsync to version 3.4.1 to remedy CVE-2024-12084, CVE-2024-12086, CVE-2024-12087, and CVE-2024-12088 in Splunk Enterprise version 9.4.11. Splunk Universal Forwarder 10.2.x, 10.1.x, 10.0.x, 9.3.x does not have rsync.
Solution
Upgrade Splunk Universal Forwarder to versions 10.2.3, 10.0.6, 9.4.11, 9.3.12, or higher.
Product Status
| Product | Base Version | Affected Version | Fix Version |
|---|---|---|---|
| Splunk Universal Forwarder | 9.4 | 9.4.0 to 9.4.10 | 9.4.11 |
Severity
For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.