CVE Catalog

CVE-2026-0234

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.23%

14th percentile - higher than 14% of all known CVEs

Summary

An improper verification of cryptographic signature vulnerability in Cortex XSOAR and Cortex XSIAM platforms during Microsoft Teams integration allows an unauthenticated user to access and modify protected resources.

Risk Assessment

The organization is at risk of unauthorized access to sensitive data and potential modification by an unauthenticated attacker, compromising system integrity and confidentiality.

Recommendation

Apply the security update provided by the vendor for Cortex XSOAR and Cortex XSIAM immediately, and verify the Microsoft Teams integration configuration.

Original NVD description (English source)

An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access and modify protected resources.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS