CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Splunk security advisory (AV26-614)

critical
Serial number: AV26-614 Date: June 17, 2026 On June 17, 2026, Splunk published security advisories to address vulnerabilities in the following product. Included was a critical update for the following: Splunk AI Toolkit – versions prior to 5.7.4 The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates. OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit Splunk Security Advisories

CSIRTS triage

What
OS Command Injection vulnerability in the btool Configuration Helper.
Who is affected
Users of Splunk AI Toolkit versions prior to 5.7.4.
Urgency
Remediation is critical due to the potential for exploitation.
Action
Update to Splunk AI Toolkit version 5.7.4 or later.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch Splunk AI Toolkit

Get an email when a new Splunk AI Toolkit advisory drops — max one per day, one-click unsubscribe.

Details

Source
Canadian Centre for Cyber Security (CA · national-cert · site)
Severity
critical
Published
2026-06-17
Exploitation
Not in CISA KEV at last sync

Original advisory: https://cyber.gc.ca/en/alerts-advisories/splunk-security-advisory-av26-614

More from Canadian Centre for Cyber Security