CVE-2026-20202Improper Handling of Unicode Encoding in Cloud Platform

CWE-176Improper Handling of Unicode Encoding4 documents4 sources
Severity
6.6MEDIUMNVD
EPSS
0.0%
top 88.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Splunk Cloud PlatformSplunk Enterprise
Timeline
PublishedApr 15

Description

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a user who holds a role that contains the high-privilege capability `edit_user`could create a specially crafted username that includes a null byte or a non-UTF-8 percent-encoded byte due to improper input validation.This could lead to inconsistent conversion of usernames into a proper format for stor

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.7 | Impact: 5.9

Affected Packages2 packages

CVEListV5splunk/splunk_cloud_platform10.4.2603Not Affected+5
CVEListV5splunk/splunk_enterprise10.210.2.2+3

🔴Vulnerability Details

3
VulDB
Splunk Enterprise/Cloud Platform Username edit_user unicode encoding (SVD-2026-0401)2026-04-15
CVEList
Improper Input Validation during User Account Creation in Splunk Enterprise2026-04-15
GHSA
GHSA-p3vg-7hj9-6f24: In Splunk Enterprise versions below 102026-04-15