CVE-2026-20265

MEDIUM 4.3

Insecure Default Domain Allowlist in Splunk AI Toolkit

CVSS Score

4.3

EPSS Score

0.0%

EPSS Percentile

0th

In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin" or "power" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration. The vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent requests to approved external domains.

CWE	CWE-1188
Vendor	splunk
Product	splunk ai toolkit
Published	Jun 17, 2026
Last Updated	Jun 17, 2026

Stay Ahead of the Next One

Get instant alerts for splunk splunk ai toolkit

Be the first to know when new medium vulnerabilities affecting splunk splunk ai toolkit are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Splunk / Splunk AI Toolkit

5.7 < 5.7.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

advisory.splunk.com: https://advisory.splunk.com/advisories/SVD-2026-0613

Credits

Gabriel Nitu, Splunk