CVE-2026-20238 – Improper Access Control through Role Inheritance in Splunk AI Toolkit app

CVE ID :CVE-2026-20238

Published : May 20, 2026, 6:16 p.m. | 41 minutes ago

Description :In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the ‘admin’ or ‘power’ roles could access confidential data that was restricted through `srchFilter` configurations on custom roles.The app contains an `authorize.conf` configuration file with a `srchFilter` entry that modifies the built-in ‘user’ role. Because the Splunk platform combines inherited search filters with the `OR` SPL operator, the injected filter overrides more restrictive filters on child roles.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-30691 – Cyntler React Doc Viewer XSS

CVE-2026-20240 – Denial of Service through coldToFrozen.sh Script in Splunk Enterprise

CVE-2026-20239 – Sensitive Information Disclosure through Log Files in Splunk Enterprise

CVE-2026-9101 – Prototype pollution in csv parsing