Splunk Cloud Platform Maintenance Patch Release Information
List of issues that are fixed in maintenance patch releases of Splunk Cloud Platform. Maintenance patch release notes are updated Monday to Friday, typically around 2AM UTC and 12.30PM UTC. If your upgrade details aren't yet visible, please check back after this time.
List of issues that are fixed in maintenance patch releases of Splunk Cloud Platform. Maintenance patch release notes are updated Monday to Friday, typically around 2AM UTC and 12.30PM UTC. If your upgrade details aren't yet visible, please check back after this time.
10.2.2510.X Fixed Issues
This section includes information on fixed issues in 10.2.2510.X
10.2.2510.9
Publication Date: February 25, 2026
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 0 |
| MEDIUM | 1 |
| LOW | 0 |
Fixed Issues:
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-296478 | Nascent sidecar(etcd) does not initialize in SH cluster after upgrade to 10.2 |
| SPL-296525 | Ingest Actions - crash during serialization when receiving malformed metadata |
| SPL-296653 | SPL2_Orchestrator sidecar not initializing properly after 10.2 upgrade |
| SPL-296742 | Forwarding - 9.4.5 - Heavy forwarder reports downstream indexer has paused data flow though indexer queue is clear and not paused |
| SPL-296916 | Unable to Start Splunk on Windows |
| SPL-297001 | Recurring S2 bucket upload failures on Noah due to racing between delete and freeze for misconfigured data |
10.2.2510.8
Publication Date: February 23, 2026
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 0 |
| MEDIUM | 1 |
| LOW | 0 |
Fixed Issues:
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-295085 | implementation of kvstoreSslClientConfig stanza and testing |
| SPL-296210 | Revisit Enterprise installer changes for 10.2 that removed domain account |
| SPL-296344 | Implement Per-Request Config for updateLastModifiedTime |
| SPL-296516 | GODEBUG setting removal |
10.2.2510.7
Publication Date: February 12, 2026
Fixed Issues:
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-294995 | Make go binary splunk-spotlight portable |
| SPL-295105 | Ingest Actions File System Memory deadlock issue |
| SPL-295364 | WLM is not logging placement rules triggers |
| SPL-295511 | Upgrade to Python 3.13.11 |
| SPL-295600 | Restore full backtracing capability to Splunk (crashlogs, etc). |
| SPL-295649 | Skip KV Store invalidation for search‑session tokens to reduce logout‑invalidation load |
| SPL-295685 | Respect minFreeSpace for Bulk Data Move split operations |
| SPL-295856 | Contention on WLM can cause search head to hang |
| SPL-295973 | Remove AssertionConsumerServiceURL from unsigned SAML AuthnRequests |
| SPL-296086 | Create a migration tool that can help Splunk app authors update their apps to use Python 3.13 version |
| SPL-296094 | Debug Sync issues in GCP w/ ES ITSI |
10.2.2510.6
Publication Date: February 02, 2026
Fixed Issues:
Admin and CLI issues
| Issue Number | Description |
|---|---|
| SPL-293952 | Splunk calls systemctl with LD_LIBRARY_PATH pointed to $SPLUNK_HOME/lib |
Distributed search and search head clustering issues
| Issue Number | Description |
|---|---|
| SPL-294629 | Indexer cluster peer crashes at startup on Windows right after logging that it's downloaded its cluster bundle and it's about to restart. |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-292190 | SF/RF values shown wrong on the Monitoring console and Indexers |
| SPL-295087 | Fixed incorrect app update notifications caused by version comparison errors |
10.1.2507.X Fixed Issues
This section includes information on fixed issues in 10.1.2507.X
10.1.2507.18
Publication Date: February 23, 2026
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 0 |
| MEDIUM | 1 |
| LOW | 0 |
Fixed Issues:
Universal forwarder issues
| Issue Number | Description |
|---|---|
| SPL-296342 | Update Telemetry App version |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-296515 | GODEBUG setting removal |
| SPL-296524 | Ingest Actions - crash during serialization when receiving malformed metadata |
10.1.2507.17
Publication Date: February 13, 2026
Fixed Issues:
Universal forwarder issues
| Issue Number | Description |
|---|---|
| SPL-294054 | Splunk calls systemctl with LD_LIBRARY_PATH pointed to $SPLUNK_HOME/lib |
Search issues
| Issue Number | Description |
|---|---|
| SPL-295193 | mvexpand command may lose result fields under certain circumstances (most often when it is used inside appendpipe command and processes large number of results) |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-294995 | Make go binary splunk-spotlight portable |
| SPL-295086 | Fixed incorrect app update notifications caused by version comparison errors |
| SPL-295104 | Ingest Actions File System Memory deadlock issue |
| SPL-295363 | WLM is not logging placement rules triggers |
| SPL-295648 | Skip KV Store invalidation for search‑session tokens to reduce logout‑invalidation load |
| SPL-295855 | Contention on WLM can cause search head to hang |
| SPL-295972 | Remove AssertionConsumerServiceURL from unsigned SAML AuthnRequests |
| SPL-296093 | Debug Sync issues in GCP w/ ES ITSI |
10.1.2507.16
Publication Date: January 23, 2026
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 2 |
| MEDIUM | 3 |
| LOW | 0 |
Fixed Issues:
Distributed search and search head clustering issues
| Issue Number | Description |
|---|---|
| SPL-293979 | clustered_bucket_database_granularity=index feature toggle breaks '|delete' command on classic clustering stacks |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-289636 | DDSS is not supported on GCP NOAH |
| SPL-291572 | Fix error reading app.conf file |
| SPL-292166 | Ingestor app uninstall/implicit remove reload(no restart) |
| SPL-293681 | SAML AuthN Requests do not contain a ReplyURL unless 'signAuthnRequest' is true |
| SPL-294132 | Build supervisor with proper go build toolchain |
10.1.2507.15
Publication Date: January 09, 2026
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 1 |
| MEDIUM | 0 |
| LOW | 0 |
Fixed Issues:
Splunk Web and interface issues
| Issue Number | Description |
|---|---|
| SPL-292914 | ES Content Updates app is missing on the GCP sh stack |
| SPL-293083 | splunkd crash occurring on stack ES SH by incorrect SPL |
Upgrade issues
| Issue Number | Description |
|---|---|
| SPL-293091 | MainThread crash on start after upgrading from v9.3.1 |
10.1.2507.14
Publication Date: December 23, 2025
Fixed Issues:
Saved search, alerting, scheduling, and job management issues
| Issue Number | Description |
|---|---|
| SPL-290995 | High search periods lead to higher skips in pull |
| SPL-291890 | Fetcher to Scheduler copy takes a long time, leading to a degradation of scheduled search throughput |
| SPL-291898 | Making copy of Saved Search object in scheduler hot path leads to large degradation or pause of scheduled search thruput |
Search issues
| Issue Number | Description |
|---|---|
| SPL-291641 | Prevent stats from creating unlimited temp files without disk space restriction |
| SPL-291805 | Search results discrepancy for marker_name field |
| SPL-292038 | Auto adjusting idle search processes on hostwide memory usage |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-289606 | IPC Broker client crashes the Supervisor if Splunk API is not available |
| SPL-291960 | Newly created rules aren't affecting already running searches on single search head |
| SPL-292154 | INDX have finished the search properly but SH is not handling the closing properly and marking the search as failed |
| SPL-292556 | ReceiptValidator asserts on optional receipt.json field |
| SPL-292733 | DDAA GCP 'ExpireTime' as INT is not being indexed |
| SPL-292832 | Prevent crashes when ingesting events with Full TimeZone names |
10.1.2507.13
Publication Date: December 03, 2025
Fixed Issues:
Admin and CLI issues
| Issue Number | Description |
|---|---|
| SPL-290473 | Redact fields that match server.conf | encrypt_fields before writing to conf.log |
Monitoring Console/DMC issues
| Issue Number | Description |
|---|---|
| SPL-290867 | Investigate and repair broken links to Splunkbase apps |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-290701 | Correct Python libraries dependencies for Splunk 10.1 |
| SPL-291221 | Deadlock between _workloadMutex and _workloadMetricsMutex while computing workload metrics |
| SPL-291483 | Fallback download fails on TAI list generation |
| SPL-291578 | Exit early by default on app_list generation if it already exists |
10.1.2507.12
Publication Date: November 21, 2025
Fixed Issues:
Indexer and indexer clustering issues
| Issue Number | Description |
|---|---|
| SPL-286574 | Updated timestamp in output of rest api services/cluster/manager/info is incorrect |
Distributed search and search head clustering issues
| Issue Number | Description |
|---|---|
| SPL-289098 | SHPoolingListeners::notifyPeerHeartbeat hangs while holding SHPCaptain mutex bringing down scheduler and SHC functionality |
Splunk Web and interface issues
| Issue Number | Description |
|---|---|
| SPL-290860 | MaxLength property prevents clients to enter all the data they need |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-290291 | Fix missing fields in SAML config assignment operator and add missing values in conf persistence. |
10.1.2507.11
Publication Date: November 10, 2025
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 1 |
| MEDIUM | 0 |
| LOW | 0 |
Fixed Issues:
Distributed search and search head clustering issues
| Issue Number | Description |
|---|---|
| SPL-288714 | Superfluous WARN error message in search.log concerning search manifest granularity |
Upgrade issues
| Issue Number | Description |
|---|---|
| SPL-288840 | Upgrade Splunk is crashing after upgrading from 9.2.1 to 9.3.1. |
Indexer and indexer clustering issues
| Issue Number | Description |
|---|---|
| SPL-289711 | Splunk cluster manager - cluster bundle is stuck in Bundle validation is in progress |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-288478 | Modify replication default timeout and failure behavior |
| SPL-288565 | FPT_AEX_EXT.1.5 Safelogic's fips140-3/fips.so is built without stack protection |
| SPL-288699 | preventing subsearches from using Pure streaming optimizations added in SPL-284820 |
| SPL-284820 | Pure streaming queries take much longer for federated search |
| SPL-289044 | Dynamodb distributed locking replies with 500 instead of 503 |
| SPL-289131 | Fix double base64 encoding under OpenSSL3 |
| SPL-289170 | Splunkd crashes when attempting to remove a security token that is assigned to an LDAP user that has been removed. |
| SPL-289392 | Setup certificates across SHU |
10.0.2503.X Fixed Issues
This section includes information on fixed issues in 10.0.2503.X
10.0.2503.12
Publication Date: February 17, 2026
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 1 |
| MEDIUM | 2 |
| LOW | 0 |
Fixed Issues:
Universal forwarder issues
| Issue Number | Description |
|---|---|
| SPL-293950 | Splunk calls systemctl with LD_LIBRARY_PATH pointed to $SPLUNK_HOME/lib |
Search issues
| Issue Number | Description |
|---|---|
| SPL-295051 | mvexpand command may lose result fields under certain circumstances |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-291110 | Allow Go 1.25 sidecars to run in FIPS Mode |
| SPL-292190 | SF/RF values shown wrong on the Monitoring console and Indexers |
| SPL-294995 | Make go binary splunk-spotlight portable |
| SPL-295102 | Ingest Actions File System Memory deadlock issue |
| SPL-295362 | WLM is not logging placement rules triggers |
| SPL-295647 | Skip KV Store invalidation for search‑session tokens to reduce logout‑invalidation load |
| SPL-295969 | Remove AssertionConsumerServiceURL from unsigned SAML AuthnRequests |
10.0.2503.11
Publication Date: January 12, 2026
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 1 |
| MEDIUM | 2 |
| LOW | 1 |
Fixed Issues:
Saved search, alerting, scheduling, and job management issues
| Issue Number | Description |
|---|---|
| SPL-288831 | Making copy of Saved Search object in scheduler hot path leads to large degradation or pause of scheduled search thruput |
| SPL-291891 | Fetcher to Scheduler copy takes a long time, leading to a degradation of scheduled search throughput |
Admin and CLI issues
| Issue Number | Description |
|---|---|
| SPL-290472 | Redact fields that match server.conf | encrypt_fields before writing to conf.log |
| SPL-291227 | Observing the warning "egrep: warning: egrep is obsolescent; using grep -E" when trying the start Splunk on version 10. |
Monitoring Console/DMC issues
| Issue Number | Description |
|---|---|
| SPL-290865 | Fix the links pointing to Splunkbase apps in Apps UI |
Search issues
| Issue Number | Description |
|---|---|
| SPL-291639 | Prevent stats from creating unlimited temp files without disk space restriction |
| SPL-291804 | Search results discrepancy for marker_name field |
| SPL-292037 | Auto adjusting idle search processes on hostwide memory usage |
Distributed search and search head clustering issues
| Issue Number | Description |
|---|---|
| SPL-292912 | Bundle Replication Failure and searches not working in search Head Clustering (SHC) |
Splunk Web and interface issues
| Issue Number | Description |
|---|---|
| SPL-293082 | splunkd crash occurring on stack ES SH by incorrect SPL |
Upgrade issues
| Issue Number | Description |
|---|---|
| SPL-293089 | MainThread crash on start after upgrading from v9.3.1 |
Distributed deployment, forwarder, deployment server issues
| Issue Number | Description |
|---|---|
| SPL-293201 | Update serverclass.conf documentation |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-289606 | IPC Broker client crashes the Supervisor if Splunk API is not available |
| SPL-291958 | Newly created rules aren't affecting already running searches on single search head |
| SPL-292078 | Aging_out might OOM on older releases |
| SPL-292556 | ReceiptValidator asserts on optional receipt.json field |
| SPL-292831 | Prevent crashes when ingesting events with Full TimeZone names |
| SPL-293072 | FS fails with socket error if one of the RSH hogs the results queue for more than 5 minutes |
| SPL-293678 | SAML AuthN Requests do not contain a ReplyURL unless 'signAuthnRequest' is true |
10.0.2503.10
Publication Date: November 22, 2025
Fixed Issues:
Indexer and indexer clustering issues
| Issue Number | Description |
|---|---|
| SPL-286573 | updated timestamp in output of rest api services/cluster/manager/info is incorrect |
Distributed search and search head clustering issues
| Issue Number | Description |
|---|---|
| SPL-289097 | SHPoolingListeners::notifyPeerHeartbeat hangs while holding SHPCaptain mutex bringing down scheduler and SHC functionality |
Splunk Web and interface issues
| Issue Number | Description |
|---|---|
| SPL-290858 | MaxLength property prevents clients to enter all the data they need |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-289131 | Fix double base64 encoding under OpenSSL3 |
| SPL-290288 | Fix missing fields in SAML config assignment operator and add missing values in conf persistence. |
| SPL-290966 | Remove size check for evtFormatMsg() in splunk_winevtlog |
10.0.2503.9
Publication Date: November 04, 2025
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 1 |
| MEDIUM | 0 |
| LOW | 0 |
Fixed Issues:
Upgrade issues
| Issue Number | Description |
|---|---|
| SPL-288838 | Upgrade Splunk is crashing after upgrading from 9.2.1 to 9.3.1. |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-284619 | Stop the request if content-length exceeds the limit. |
| SPL-285860 | Rolling upgrade CLI help does not work for cluster-manager |
| SPL-288476 | Modify replication default timeout and failure behavior |
| SPL-288564 | FPT_AEX_EXT.1.5 Safelogic's fips140-3/fips.so is built without stack protection |
| SPL-288698 | preventing subsearches from using Pure streaming optimizations added in SPL-284820 |
| SPL-284820 | Pure streaming queries take much longer for federated search |
| SPL-288866 | AppExport throwing ImportError |
| SPL-289169 | Splunkd crashes when attempting to remove a security token that is assigned to an LDAP user that has been removed. |
9.3.2411.X Fixed Issues
This section includes information on fixed issues in 9.3.2411.X
9.3.2411.126
Publication Date: February 23, 2026
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 0 |
| MEDIUM | 1 |
| LOW | 0 |
9.3.2411.125
Publication Date: February 13, 2026
Fixed Issues:
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-295646 | Skip KV Store invalidation for search‑session tokens to reduce logout‑invalidation load |
| SPL-295970 | Remove AssertionConsumerServiceURL from unsigned SAML AuthnRequests |
9.3.2411.124
Publication Date: February 04, 2026
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 1 |
| MEDIUM | 1 |
| LOW | 0 |
Fixed Issues:
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-294695 | Fix crashes during heap dump collection on search heads |
9.3.2411.123
Publication Date: January 13, 2026
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 0 |
| MEDIUM | 1 |
| LOW | 2 |
Fixed Issues:
Search issues
| Issue Number | Description |
|---|---|
| SPL-292047 | Auto adjusting idle search processes on hostwide memory usage |
Splunk Web and interface issues
| Issue Number | Description |
|---|---|
| SPL-293086 | splunkd crash occurring on stack ES SH by incorrect SPL |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-289606 | IPC Broker client crashes the Supervisor if Splunk API is not available |
| SPL-292336 | Update to NFR license expiring 2026/12/31 |
9.3.2411.122
Publication Date: December 15, 2025
Fixed Issues:
Splunk Web and interface issues
| Issue Number | Description |
|---|---|
| SPL-285822 | UI slowness/timeouts while accessing macros and searches |
Admin and CLI issues
| Issue Number | Description |
|---|---|
| SPL-290471 | Redact fields that match server.conf | encrypt_fields before writing to conf.log |
Monitoring Console/DMC issues
| Issue Number | Description |
|---|---|
| SPL-290866 | Fix the links pointing to Splunkbase apps in Apps UI |
Search issues
| Issue Number | Description |
|---|---|
| SPL-291640 | Prevent stats from creating unlimited temp files without disk space restriction |
Saved search, alerting, scheduling, and job management issues
| Issue Number | Description |
|---|---|
| SPL-291892 | Fetcher to Scheduler copy takes a long time, leading to a degradation of scheduled search throughput |
| SPL-291900 | Making copy of Saved Search object in scheduler hot path leads to large degradation or pause of scheduled search thruput |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-291959 | Newly created rules aren't affecting already running searches on single search head |
| SPL-292077 | Aging_out might OOM on older releases |
9.3.2411.121
Publication Date: November 22, 2025
Fixed Issues:
Distributed search and search head clustering issues
| Issue Number | Description |
|---|---|
| SPL-289104 | SHPoolingListeners::notifyPeerHeartbeat hangs while holding SHPCaptain mutex bringing down scheduler and SHC functionality |
Splunk Web and interface issues
| Issue Number | Description |
|---|---|
| SPL-290859 | MaxLength property prevents clients to enter all the data they need |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-289168 | Splunkd crashes when attempting to remove a security token that is assigned to an LDAP user that has been removed. |
| SPL-289441 | Stop the request if content-length exceeds the limit. |
| SPL-290289 | Fix missing fields in SAML config assignment operator and add missing values in conf persistence. |
9.3.2411.120
Publication Date: November 05, 2025
Security Fixes:
| Security Level | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 1 |
| MEDIUM | 1 |
| LOW | 0 |
Fixed Issues:
Upgrade issues
| Issue Number | Description |
|---|---|
| SPL-288880 | Upgrade Splunk is crashing after upgrading from 9.2.1 to 9.3.1. |
Uncategorized issues
| Issue Number | Description |
|---|---|
| SPL-285861 | Rolling upgrade CLI help does not work for cluster-manager |
| SPL-287907 | DMC HEC input support for _meta in inputs.conf |
| SPL-288477 | Modify replication default timeout and failure behavior |