CVE-2026-20266

CRITICAL 9.1

OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit

CVSS Score

9.1

EPSS Score

0.0%

EPSS Percentile

0th

In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance. The vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which constructs OS command strings from dynamic parameters without disabling shell interpretation.

CWE	CWE-78
Vendor	splunk
Product	splunk ai toolkit
Published	Jun 17, 2026
Last Updated	Jun 17, 2026

Stay Ahead of the Next One

Get instant alerts for splunk splunk ai toolkit

Be the first to know when new critical vulnerabilities affecting splunk splunk ai toolkit are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Splunk / Splunk AI Toolkit

5.7 < 5.7.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

advisory.splunk.com: https://advisory.splunk.com/advisories/SVD-2026-0614

Credits

Gabriel Nitu, Splunk