CVE-2026-0270
MediumCVSS 4.8Exploitation Probability (EPSS)
Low risk9th percentile — higher than 9% of all known CVEs
Summary
A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network to write arbitrary files to the host.
Risk Assessment
An attacker conducting a man-in-the-middle attack can manipulate network traffic, posing a serious threat to the integrity and confidentiality of organizational data.
Recommendation
It is recommended to implement appropriate security measures, such as monitoring network traffic and updating the software to the latest version to minimize risk.
Original NVD description (English source)
A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle (MITM) attack, to write arbitrary files to the host.

