Splunk Warns of Active Exploitation of Critical Code Smuggling Vulnerability in Enterprise Software

Splunk has issued a warning that malicious actors are actively exploiting a critical code smuggling vulnerability in Splunk Enterprise. The company has released updates to address the flaw, though specific technical details such as CVE identifiers, affected versions, or exact exploitation methods were not disclosed. The attacks target the vulnerability to compromise Splunk Enterprise instances, though the precise impact—such as potential data exfiltration or remote code execution—remains unspecified. No timeline for the attacks or patch availability was provided in the notice. The advisory emphasizes the urgency of applying the available updates to mitigate risks.