CVE-2026-20253 is a critical unauthenticated RCE in Splunk Enterprise (CVSS 9.8, EPSS 99.75th percentile) disclosed in advisory SVD-2026-0601. An attacker with no credentials can execute arbitrary code on the Splunk platform, which in most enterprise environments serves as the primary security operations hub with broad access to sensitive log data and event feeds — making Splunk compromise a direct attack on the organization’s detection and response capability.