CVE-2026-20266
published 2026-06-17CVE-2026-20266: In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Splunk…
PriorityP261critical9.1CVSS 3.1
AVNACLPRHUINSCCHIHAH
EPSS
0.47%
37.1th percentile
In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance.
The vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which constructs OS command strings from dynamic parameters without disabling shell interpretation.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| splunk | ai_toolkit | >= 5.7.0 < 5.7.4 | 5.7.4 |
| splunk | splunk_ai_toolkit | >= 5.7 < 5.7.4 | 5.7.4 |
CVSS provenance
nvdv3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
cvelistv5v3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance.
ghsa_unreviewed·2026-06-17
CVE-2026-20266 [CRITICAL] CWE-78 In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance.
In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance.
The vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which constructs OS command strings from dynamic parameters without disabling shell interpretation.
VulDB
Splunk AI Toolkit up to 5.7.3 Configuration os command injection (SVD-2026-0614)
vuldb·2026-06-17
CVE-2026-20266 [CRITICAL] Splunk AI Toolkit up to 5.7.3 Configuration os command injection (SVD-2026-0614)
A vulnerability classified as critical was found in Splunk AI Toolkit up to 5.7.3. The affected element is an unknown function of the component Configuration Handler. Such manipulation leads to os command injection.
This vulnerability is uniquely identified as CVE-2026-20266. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is advised.
CVEList
OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit
cvelistv5·2026-06-17·CVSS 9.1
CVE-2026-20266 [CRITICAL] CWE-78 OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit
OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit
In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance.
The vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which constructs OS command strings from dynamic parameters without disabling shell interpretation.
No detection rules found.
No public exploits indexed.
2026-06-17
Published