OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit
Advisory ID: SVD-2026-0614
CVE ID: CVE-2026-20266
Published: 2026-06-17
Last Update: 2026-06-17
CVSSv3.1 Score: 9.1, Critical
CVSSv3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE: CWE-78
Bug ID: VULN-65723
Description
In Splunk AI Toolkit versions below 5.7.4, a user who holds the “admin” Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance.
The vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which constructs OS command strings from dynamic parameters without disabling shell interpretation.
Solution
Upgrade Splunk AI Toolkit to version 5.7.4 or higher.
Product Status
| Product | Base Version | Affected Version | Fix Version |
|---|---|---|---|
| Splunk AI Toolkit | 5.7 | Below 5.7.4 | 5.7.4 |
Mitigations and Workarounds
Uninstall the Splunk AI Toolkit. See Manage app and add-on objects in the Splunk documentation.
Detections
None
Severity
Splunk rates this vulnerability a 9.1, Critical, with a CVSSv3.1 vector of CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H.
Acknowledgments
Gabriel Nitu, Splunk