CVE Catalog

CVE-2026-0270

MediumCVSS 4.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.03%

9th percentile — higher than 9% of all known CVEs

Summary

A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network to write arbitrary files to the host.

Risk Assessment

An attacker conducting a man-in-the-middle attack can manipulate network traffic, posing a serious threat to the integrity and confidentiality of organizational data.

Recommendation

It is recommended to implement appropriate security measures, such as monitoring network traffic and updating the software to the latest version to minimize risk.

Original NVD description (English source)

A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle (MITM) attack, to write arbitrary files to the host.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS