Third-Party Package Updates in Splunk Universal Forwarder - May 2026

Advisory ID: SVD-2026-0506

CVE ID: Multiple

Published: 2026-05-20

Last Update: 2026-07-01

Description

Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Universal Forwarder versions 9.4.11, and higher.

PackageRemediationCVESeverity
rsync1Upgraded rsync to version 3.4.1MultipleCritical

1 Upgraded rsync to version 3.4.1 to remedy CVE-2024-12084, CVE-2024-12086, CVE-2024-12087, and CVE-2024-12088 in Splunk Universal Forwarder version 9.4.11 on Linux. Splunk Universal Forwarder for Windows and Splunk Universal Forwarder for macOS do not include rsync or rsync-ssl and are not affected. Splunk Universal Forwarder 10.2.x, 10.1.x, and 10.0.x do not include rsync.

Solution

Upgrade Splunk Universal Forwarder to versions 10.2.3, 10.0.6, 9.4.11, 9.3.12, or higher.

Product Status

ProductBase VersionAffected VersionFix Version
Splunk Universal Forwarder9.49.4.0 to 9.4.109.4.11

Severity

For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.

Changelog

  • 2026-07-01: Updated advisory notes to reflect the affected Splunk Universal Forwarder versions.