CVE-2026-20265
Received - Intake
BaseFortify

Publication date: 2026-06-17

Last updated on: 2026-06-17

Assigner: Cisco Systems, Inc.

Description
In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin" or "power" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration. The vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent requests to approved external domains.
Meta Information
Published: 2026-06-17
Last Modified: 2026-06-17
Generated: 2026-06-18
AI Q&A: 2026-06-17
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: splunk
Product: splunk_ai_toolkit
Version / Range: to 5.7.4 (exc)
CWE
CWE-1188: The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.
Executive Summary

CVE-2026-20265 is a vulnerability in Splunk AI Toolkit versions below 5.7.4 that allows a low-privileged user, who does not have admin or power roles, to cause the toolkit to make outbound HTTP requests to servers controlled by an attacker.

This happens because the Splunk AI Toolkit has an insecure default domain allowlist that does not restrict outbound AI agent requests to only approved external domains.

Impact Analysis

The vulnerability can lead to data exfiltration, as an attacker-controlled server can receive outbound HTTP requests initiated by the vulnerable Splunk AI Toolkit.

This means sensitive data could be leaked without proper authorization, potentially compromising confidentiality.

Detection Guidance

No official detection methods or commands are provided by Splunk for this vulnerability.

Mitigation Strategies

To mitigate this vulnerability, upgrade the Splunk AI Toolkit to version 5.7.4 or higher.

Alternatively, manually configure the local/mlspl.conf file to explicitly list approved domains under the [ai:AllowedDomains] stanza and ensure enforce_domain_validation is set to true.

If neither upgrade nor configuration is possible, disable the Splunk AI Toolkit to prevent exploitation.
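
The manual mitigation above can be checked with a short audit of local/mlspl.conf. The script below is an added example, not Splunk's code: the stanza and setting names come from the text above, while the key name allowed_domains, the comma-separated value format, and the placement of enforce_domain_validation inside the same stanza are assumptions.

```python
import re

STANZA = "ai:AllowedDomains"        # stanza name given in the mitigation text
FLAG = "enforce_domain_validation"  # setting name given in the mitigation text

def parse_conf(text):
    """Parse Splunk-style .conf text into {stanza: {key: value}}."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = stanzas.setdefault(header.group(1), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return stanzas

def audit(text):
    """Return findings; an empty list means the described mitigation is present."""
    stanza = parse_conf(text).get(STANZA)
    if stanza is None:
        return [f"missing [{STANZA}] stanza"]
    findings = []
    # Assumption: the flag lives in the same stanza as the domain list.
    flag = stanza.get(FLAG)
    if flag is None or flag.lower() != "true":
        findings.append(f"{FLAG} is {flag!r}, expected true")
    # Assumption: every other key holds a comma-separated list of domains.
    domains = [d.strip() for k, v in stanza.items() if k != FLAG
               for d in v.split(",") if d.strip()]
    if not domains:
        findings.append("no approved domains listed")
    findings += [f"wildcard entry {d!r} is not an explicit domain"
                 for d in domains if "*" in d]
    return findings

# Constructed samples; "allowed_domains" is a hypothetical key name.
WEAK = "[ai:AllowedDomains]\nenforce_domain_validation = false\n"
HARDENED = """[ai:AllowedDomains]
enforce_domain_validation = true
allowed_domains = api.example.com, models.example.org
"""

if __name__ == "__main__":
    for name, sample in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(sample) or "OK")
```

Run it against the contents of each search head's local/mlspl.conf and treat any non-empty result as a host still relying on the insecure default.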

Compliance Impact

This vulnerability allows low-privileged users to cause the Splunk AI Toolkit to make outbound HTTP requests to attacker-controlled servers, potentially leading to data exfiltration.

Such unauthorized data exfiltration could impact compliance with data protection regulations like GDPR and HIPAA, which require strict controls over personal and sensitive data to prevent unauthorized access or disclosure.

Therefore, if exploited, this vulnerability could lead to violations of these standards by exposing sensitive data to unauthorized parties.
