A vulnerability classified as critical was found in Splunk AI Toolkit up to 5.7.3 . The affected element is an unknown function of the component Configuration Handler . Such manipulation leads to os command injection. This vulnerability is uniquely identified as CVE-2026-20266 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.