CVE-2026-20265
Received Received - Intake

Outbound HTTP Requests in Splunk AI Toolkit

Vulnerability report for CVE-2026-20265, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-17

Last updated on: 2026-06-22

Assigner: Cisco Systems, Inc.

Description

In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin" or "power" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration. The vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent requests to approved external domains.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-17
Last Modified
2026-06-22
Generated
2026-07-08
AI Q&A
2026-06-17
EPSS Evaluated
2026-07-06
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
splunk ai_toolkit From 5.7.0 (inc) to 5.7.4 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1188 The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-20265 is a vulnerability in Splunk AI Toolkit versions below 5.7.4 that allows a low-privileged user, who does not have admin or power roles, to cause the toolkit to make outbound HTTP requests to servers controlled by an attacker.

This happens because the Splunk AI Toolkit has an insecure default domain allowlist that does not restrict outbound AI agent requests to only approved external domains.

Impact Analysis

The vulnerability can lead to data exfiltration, as an attacker-controlled server can receive outbound HTTP requests initiated by the vulnerable Splunk AI Toolkit.

This means sensitive data could be leaked without proper authorization, potentially compromising confidentiality.

Detection Guidance

No official detection methods or commands are provided by Splunk for this vulnerability.

Mitigation Strategies

To mitigate this vulnerability, upgrade the Splunk AI Toolkit to version 5.7.4 or higher.

Alternatively, manually configure the local/mlspl.conf file to explicitly list approved domains under the [ai:AllowedDomains] stanza and ensure enforce_domain_validation is set to true.

If neither upgrade nor configuration is possible, disable the Splunk AI Toolkit to prevent exploitation.

Compliance Impact

This vulnerability allows low-privileged users to cause the Splunk AI Toolkit to make outbound HTTP requests to attacker-controlled servers, potentially leading to data exfiltration.

Such unauthorized data exfiltration could impact compliance with data protection regulations like GDPR and HIPAA, which require strict controls over personal and sensitive data to prevent unauthorized access or disclosure.

Therefore, if exploited, this vulnerability could lead to violations of these standards by exposing sensitive data to unauthorized parties.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20265. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart