Third-Party Package Updates in Splunk Universal Forwarder - July 2026
Advisory ID: SVD-2026-0706
CVE ID: Multiple
Published: 2026-07-15
Last Update: 2026-07-15
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Universal Forwarder versions 10.4.1, 10.2.5, 10.0.8, 9.4.13, and higher.
| Package | Remediation | CVE | Severity |
|---|---|---|---|
| OpenSSL1 | Upgraded OpenSSL to version 1.0.2zp | Multiple | Low |
1 Upgraded OpenSSL to version 1.0.2zp to remedy CVE-2026-28388, CVE-2026-28389, and CVE-2026-28390 at $SPLUNK_HOME/lib/libcrypto.so.1.0.0 and $SPLUNK_HOME/lib/libssl.so.1.0.0.
Solution
Upgrade Splunk Universal Forwarder to versions 10.4.1, 10.2.5, 10.0.8, 9.4.13, or higher.
Product Status
| Product | Base Version | Affected Version | Fix Version |
|---|---|---|---|
| Splunk Universal Forwarder | 10.4 | Below 10.4.1 | 10.4.1 |
| Splunk Universal Forwarder | 10.2 | 10.2.0 to 10.2.4 | 10.2.5 |
| Splunk Universal Forwarder | 10.0 | 10.0.0 to 10.0.7 | 10.0.8 |
| Splunk Universal Forwarder | 9.4 | 9.4.0 to 9.4.12 | 9.4.13 |
Severity
For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.