CVE-2026-20265

🔶 medium

Summary

In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin" or "power" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration. The vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent requests to approved external domains.

CVSS Score

4.3

Medium

EPSS Score

0.2

Exploit Probability

Published Date

2026-06-17

First Seen: 2026-06-25

📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 5.4% of all 330,193 vulnerabilities in our database.

#312,358

Below average severity

Severity Percentile

🎯 CISA SSVC Assessment Updated: Jun 17, 2026

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Partial

Limited system impact

🏆 Discovered By

Gabriel Nitu, Splunk

SSVC data provided by CISA

Last Modified 2026-06-22

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE IDs (Weakness Types)

CWE-1188

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-20266	⛔ critical	9.1	0.5	In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands ...	2026-06-17
CVE-2026-20238	🔶 medium	6.5	0.0	In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin' or 'power' roles could a...	2026-05-20

CVE-2026-20265

Summary

📊 Relative Risk Intelligence

🎯 CISA SSVC Assessment Updated: Jun 17, 2026

📦 Affected Products 1

🔗 References 1

🔗 Related CVEs 2