Splunk and Palo Alto Networks released patches Wednesday for multiple vulnerabilities across their products, with the most severe being a critical flaw in Splunk Enterprise that could allow unauthenticated attackers to create and modify files through an unprotected database service endpoint. Palo Alto addressed a high-severity credential validation issue in its Cortex platforms, while Splunk fixed over a dozen vulnerabilities including bugs that could enable remote code execution and data theft. Neither company has seen evidence of these flaws being actively exploited in the wild.