Third-Party Package Updates in Splunk Enterprise - April 2026
Advisory ID: SVD-2026-0405
CVE ID: Multiple
Published: 2026-04-15
Last Update: 2026-04-15
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Enterprise versions 10.2.2, 10.0.5, 9.4.10, 9.3.11, and higher.
| Package | Remediation | CVE | Severity |
|---|---|---|---|
| protobuf1 | Upgraded protobuf to version 5.29.6 | CVE-2026-0994 | High |
| postgresql2 | Upgraded postgresql to version 17.7 | Multiple | Medium |
| azure-core3 | Upgraded azure-core to version 1.38.0 | Multiple | High |
| OpenSSL4 | Upgraded OpenSSL to version 1.0.2zo | CVE-2026-22796 | Low |
1 Upgraded protobuf to version 5.29.6 to remedy CVE-2026-0994 at $SPLUNK_HOME/etc/apps/splunk_secure_gateway/lib/protobuf in Splunk Secure Gateway versions 3.10.3, 3.9.17, and 3.8.64
2 Upgraded postgresql to version 17.7 to remedy CVE-2025-12817 and CVE-2025-12818 in Splunk Enterprise versions 10.2.2 and 10.0.5. Splunk Enterprise versions 9.4 and 9.3 are not affected
3 Upgraded azure-core to version 1.38.0 to remedy CVE-2026-21226 in Splunk Enterprise version 9.4.10. Splunk Enterprise 9.3 versions do not include azure-core.
4 Upgraded OpenSSL to version 1.0.2zo to remedy CVE-2026-22796 at $SPLUNK_HOME/lib/libcrypto.so.1.0.0, and $SPLUNK_HOME/lib/libssl.so.1.0.0 in Splunk Enterprise versions 9.4.10 and 9.3.11
Solution
Upgrade Splunk Enterprise to versions 10.2.2, 10.0.5, 9.4.10, 9.3.11, or higher.
Product Status
| Product | Base Version | Affected Version | Fix Version |
|---|---|---|---|
| Splunk Enterprise | 10.2 | 10.2.0 to 10.2.1 | 10.2.2 |
| Splunk Enterprise | 10.0 | 10.0.0 to 10.0.4 | 10.0.5 |
| Splunk Enterprise | 9.4 | 9.4.0 to 9.4.9 | 9.4.10 |
| Splunk Enterprise | 9.3 | 9.3.0 to 9.3.10 | 9.3.11 |
Severity
For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.