MEDIUM✓ PATCH🇬🇧 English

CVE-2026-20265

CVSS 4.3v3.1pub. 2026-06-17upd. 2026-06-22

In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin" or "power" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration. The vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent requests to approved external domains.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • Splunk Ai Toolkit

    APP
    Splunk
    5.7.0 – 5.7.4 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2026-20266CRITICAL9.1ten sam produkt

In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS...

CVE-2026-20238MEDIUM6.5ten sam produkt

In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin' or 'power' rol...

CVE-2026-20253CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Splunk Enterprise — tworzenie/skracanie plików bez uwierzytelnienia przez sidecar PostgreSQL

CVE-2023-23914CRITICAL9.1ten sam vendor

A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS ...

CVE-2022-32221CRITICAL9.8ten sam vendor

When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask ...