CVE-2026-20265
MEDIUMInsecure Default Domain Allowlist in Splunk AI Toolkit
Title source: cnaDescription
In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin" or "power" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration. The vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent requests to approved external domains.
References (1)
Core 1
Core References
Scores
CVSS v3
4.3
EPSS
0.0022
EPSS Percentile
12.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-1188
Status
published
Products (2)
splunk/ai_toolkit
5.7.0 - 5.7.4
Splunk/Splunk AI Toolkit
5.7 - 5.7.4
Published
Jun 17, 2026
Tracked Since
Jun 17, 2026