CISA added CVE-2026-20253 to its Known Exploited Vulnerabilities catalog after evidence of active exploitation, and Splunk now says it is aware of limited exploitation. Affected self-managed Splunk Enterprise 10.0 and 10.2 systems should upgrade or carefully apply the PostgreSQL sidecar mitigation.