CVE-2026-7589

Name of the Vulnerable Software and Affected Versions ghantakiran splunk-mcp-integration versions up to 0b86b09d5e5adf0433acd43c975951224613a1a6

Description A path traversal issue exists in the CSV Export component. A remote attacker can exploit this by manipulating the job name argument within the create csv export() function located in the 'services/csv-export-service/app/api/v1/endpoints/csv export.py' file. Path traversal is a technique that allows an attacker to access files and directories that are stored outside the intended folder.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the use of the job name argument in the create csv export() function to minimize the risk of exploitation.