CISA has added CVE-2026-20253, a missing authentication vulnerability in Splunk Enterprise, to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation in the wild. The vulnerability allows unauthorized access to critical functions, and organizations are strongly advised to prioritize remediation, particularly for publicly exposed assets that could grant total control post-exploitation.