CVE-2026-0270

UNKNOWN 0.0

Cortex XSOAR: Path Traversal Vulnerability

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle (MITM) attack, to write arbitrary files to the host.

CWE	CWE-22
Vendor	palo alto networks
Product	cortex xsoar
Published	Jun 10, 2026

Stay Ahead of the Next One

Get instant alerts for palo alto networks cortex xsoar

Be the first to know when new unknown vulnerabilities affecting palo alto networks cortex xsoar are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Palo Alto Networks / Cortex XSOAR

8.13 < 8.13.0.11

Palo Alto Networks / Cortex XSOAR

8.12.0 8.11.0 8.10.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

security.paloaltonetworks.com: https://security.paloaltonetworks.com/CVE-2026-0270 nvd.nist.gov: https://nvd.nist.gov/vuln/detail/CVE-2007-4559

Credits

Palo Alto Networks thanks the internal security team for discovering and reporting this issue.