cvedb.io
CVE-2026-20265
MEDIUM · CVSS 4.3
EPSS exploitation probability: 0%
Published 2026-06-17T18:17:40.600 · Last modified 2026-06-22T12:46:06.703

Summary

In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin" or "power" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration. The vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent requests to approved external domains.

Affected products

splunk — ai_toolkit

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.