Third-Party Package Updates in Splunk AppDynamics Java Agent - March 2026
Advisory ID: SVD-2026-0310
CVE ID: Multiple
Published: 2026-03-11
Last Update: 2026-03-11
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk AppDynamics Java Agent version 26.1.0, and higher, including the following:
| Package | Remediation | CVE | Severity |
|---|---|---|---|
| apache-log4j | Upgraded to version 2.25.3 | CVE-2025-68161 | Medium |
| gnupg | Upgraded to version 2.3.3-5 | CVE-2025-68973 | High |
Solution
Upgrade Splunk AppDynamics Java Agent to versions 26.1.0 or higher.
Product Status
| Product | Base Version | Affected Version | Fix Version |
|---|---|---|---|
| Splunk AppDynamics Java Agent | 26.1 | Below 26.1.0 | 26.1.0 |
Severity
For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.