- Product: Splunk AI Toolkit
- Vulnerabilities: 2 flaws (CVE-2026-20266, CVE-2026-20265)
- Highest severity: 9.1 (Critical)
- Worst impact: OS Command Injection
- Status: No confirmed exploitation yet; patches available
- Action: Update Splunk AI Toolkit to 5.7.4 now

| CVE | CVSS | Type | Fixed in | Status |
|---|---|---|---|---|
| CVE-2026-20266 | 9.1 | OS Command Injection in the btool Configuration Helper in | 5.7.4 | Not exploited |
| CVE-2026-20265 | 4.3 | Insecure Default Domain Allowlist in | 5.7.4 | Not exploited |

Administrators must address new Splunk AI Toolkit vulnerabilities immediately. Security researchers recently disclosed two flaws affecting the platform: an OS command injection and an insecure default domain allowlist. Both expose enterprise systems to risk, so organizations running older versions must prioritize patching.
Severe OS Command Injection Flaw
The most critical issue is CVE-2026-20266, which carries a CVSS score of 9.1. This flaw allows a user with the "admin" role to execute arbitrary OS commands. As a result, an attacker with that role can compromise the host running the Splunk Enterprise instance.
The vulnerability stems from an unsafe shell execution pattern: the btool configuration helper constructs OS command strings from dynamic parameters and fails to disable shell interpretation. More details are in the official Splunk advisory, SVD-2026-0614.
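The pattern described above, as an added Python example (not Splunk's code and not taken from the advisory): a command string built for a shell, next to an argument vector that is validated and run with shell interpretation disabled. The install path, function names and name pattern are assumptions, and a child Python process stands in for the helper binary so the block runs offline.

```python
import json
import re
import subprocess
import sys

SPLUNK_BIN = "/opt/splunk/bin/splunk"          # assumed install path
CONF_NAME = re.compile(r"[A-Za-z0-9_]{1,64}")  # assumed: conf prefixes are plain names
APP_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}")  # assumed: app names are plain names


def unsafe_command_string(conf):
    """The risky shape: one string that a shell would parse.
    Built here only for comparison; this block never executes it."""
    return f"{SPLUNK_BIN} btool {conf} list"


def build_btool_argv(conf, app=None):
    """Return an argument vector, rejecting anything that is not a plain name."""
    if not CONF_NAME.fullmatch(conf):
        raise ValueError(f"rejected conf name: {conf!r}")
    argv = [SPLUNK_BIN, "btool", conf, "list"]
    if app is not None:
        if not APP_NAME.fullmatch(app):
            raise ValueError(f"rejected app name: {app!r}")
        argv.append(f"--app={app}")
    return argv


def echo_args_without_shell(args):
    """Stand-in for the helper binary: a child process reports the arguments it
    received. shell=False means no shell ever parses the values."""
    child = [sys.executable, "-c",
             "import json, sys; print(json.dumps(sys.argv[1:]))"]
    done = subprocess.run(child + list(args), shell=False, capture_output=True,
                          text=True, check=True, timeout=10)
    return json.loads(done.stdout)


if __name__ == "__main__":
    sample = "inputs; echo injected"  # constructed input containing a metacharacter
    print(unsafe_command_string(sample))  # a shell would read this as two commands
    print(echo_args_without_shell(["btool", sample, "list"]))  # one literal argument
    try:
        build_btool_argv(sample)
    except ValueError as err:
        print(err)  # validation refuses the value before any process starts
```

Validation and `shell=False` are independent layers: the first rejects unexpected input, the second keeps any value that does get through from being parsed as shell syntax.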
Insecure Domain Allowlist Risk
A second flaw is tracked as CVE-2026-20265. Its CVSS score is a moderate 4.3, but it still presents a notable security risk. In vulnerable versions, a low-privileged user can force the toolkit to make outbound HTTP requests, which could allow data exfiltration to an attacker-controlled server.
This issue exists because of an insecure default domain allowlist, which does not properly restrict outbound AI agent requests. For complete context, review the Splunk advisory, SVD-2026-0613.
Required Remediation Steps
Patching these Splunk AI Toolkit vulnerabilities is straightforward. Both flaws affect toolkit versions below 5.7.4, so users must upgrade Splunk AI Toolkit to version 5.7.4 or higher. First, verify your current installation version. Next, apply the necessary updates promptly. Swift patching prevents potential system compromises and data leaks.