{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-20266: OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-20266","status":"final","version":"1","initial_release_date":"2026-06-17T17:07:24.598Z","current_release_date":"2026-06-17T18:04:08.968Z","revision_history":[{"date":"2026-06-17T17:07:24.598Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"In Splunk AI Toolkit versions below 5.7.4, a user who holds the \"admin\" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance.  \n\nThe vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which constructs OS command strings from dynamic parameters without disabling shell interpretation.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-20266 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-20266"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-20266"},{"category":"external","summary":"advisory.splunk.com","url":"https://advisory.splunk.com/advisories/SVD-2026-0614"}]},"product_tree":{"branches":[{"category":"vendor","name":"Splunk","branches":[{"category":"product_name","name":"Splunk AI Toolkit","branches":[{"category":"product_version_range","name":">=5.7 <5.7.4","product":{"name":"Splunk Splunk AI Toolkit >=5.7 <5.7.4","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:splunk:splunk_ai_toolkit:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-20266","title":"OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit","notes":[{"category":"description","text":"In Splunk AI Toolkit versions below 5.7.4, a user who holds the \"admin\" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance.  \n\nThe vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which constructs OS command strings from dynamic parameters without disabling shell interpretation.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL"},"products":["CSAFPID-1"]}],"remediations":[{"category":"vendor_fix","details":"Update to a fixed version: 5.7.4.","product_ids":["CSAFPID-1"]}]}]}