Third-Party Package Updates in Splunk AppDynamics Python Agent - May 2026

Advisory ID: SVD-2026-0511

CVE ID:  Multiple

Published: 2026-05-20

Last Update: 2026-05-20

Description

Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk AppDynamics Python Agent version 26.4.1, and higher, including the following:

PackageRemediationCVESeverity
alpine1Upgraded to version 3.23.4MultipleHigh
openjdk2Upgraded to version 11.0.30u7MultipleHigh
libpng3Upgraded to version 1.6.54MultipleHigh
log4j-coreUpgraded from version 2.17.1 to version 2.25.3CVE-2025-68161Medium

1 Upgraded alpine from version 3.22.2 to version 3.23.4, which updated the transient OS packages to remedy CVE-2025-15467, CVE-2025-69420, CVE-2025-69421, CVE-2025-69419, CVE-2025-11187, CVE-2025-15468, CVE-2025-66199, CVE-2026-22795, CVE-2026-22796, CVE-2025-68160, CVE-2025-69418, CVE-2026-28387, CVE-2026-2673, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-31790, CVE-2026-31789, CVE-2026-40200, CVE-2026-6042, CVE-2025-46394, CVE-2024-58251, CVE-2026-27171, and CVE-2026-27456.

2 Upgraded OpenJDK from version 11.0.27u6 to version 11.0.30u7 to remedy CVE-2025-50059, CVE-2025-30749, CVE-2025-50106, CVE-2025-53066, CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2025-30761, CVE-2025-53057, CVE-2025-30754, and CVE-2026-21925.

3 Upgraded libpng from version 1.6.43 to version 1.6.54 to remedy CVE-2026-22801, CVE-2025-64720, CVE-2025-65018, CVE-2025-66293, CVE-2026-22695, CVE-2025-64505, CVE-2025-64506, CVE-2025-28162, and CVE-2025-28164.

Solution

Upgrade Splunk AppDynamics Python Agent to version 26.4.1 or higher.

Product Status

ProductBase VersionAffected VersionFix Version
Splunk AppDynamics Python Agent26.4Below 26.4.126.4.1

Severity

For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.