CVE-2026-20253 is a critical unauthenticated file write and remote code execution vulnerability in Splunk Enterprise affecting versions 10.0.0-10.0.6 and 10.2.0-10.2.3, with a public proof-of-concept exploit available and an EPSS score at the 95th percentile. A successful compromise of Splunk does not affect one application — it hands attackers visibility into and potential control over the entire security monitoring stack, turning the detection platform into a persistence and blind-spot mechanism. Patch before end of this week.