CVE Catalog

CVE-2026-20266

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.45%

36th percentile — higher than 36% of all known CVEs

Summary

In Splunk AI Toolkit versions below 5.7.4, a user with the 'admin' role can execute arbitrary OS commands on the host running the Splunk Enterprise instance. The vulnerability is due to an unsafe shell execution pattern in the btool configuration helper.

Risk Assessment

The organization may be exposed to unauthorized execution of OS commands, potentially leading to serious security breaches and data loss.

Recommendation

It is recommended to upgrade to Splunk AI Toolkit version 5.7.4 or later to mitigate this vulnerability.

Original NVD description (English source)

In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance. The vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which constructs OS command strings from dynamic parameters without disabling shell interpretation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS