CVE-2026-0270
published 2026-06-10CVE-2026-0270: A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network…
PriorityP428medium4.8CVSS 4.0
AVAACHATPPRNUIPVCHVIHVAHSCNSINSANEUCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUYRUVDREMUAmber
EPSS
0.16%
5.1th percentile
A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle (MITM) attack, to write arbitrary files to the host.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | cortex_xsoar | — | — |
| palo_alto_networks | cortex_xsoar | — | — |
| palo_alto_networks | cortex_xsoar | — | — |
| palo_alto_networks | cortex_xsoar | >= 8.13 < 8.13.0.11 | 8.13.0.11 |
| paloalto | cortex_xsoar | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Palo Alto
Cortex XSOAR: Path Traversal Vulnerability
vendor_paloalto·CVSS 4.8
CVE-2026-0270 [MEDIUM] CWE-22 Cortex XSOAR: Path Traversal Vulnerability
Cortex XSOAR: Path Traversal Vulnerability
A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle (MITM) attack, to write arbitrary files to the host.
Affected products: Cortex XSOAR
Solution: VERSION MINOR VERSION SUGGESTED SOLUTION
Cortex XSOAR 8.13 on Linux 8.13.0 Upgrade to 8.13.0.11 or later.
Workaround: Palo Alto Networks is not aware of any malicious exploitation of these issues.
Citrix
Citrix Security Bulletin CTX220329
vendor_citrix·CVSS 5.9
CVE-2016-0270 [MEDIUM] Citrix Security Bulletin CTX220329
Citrix Security Bulletin CTX220329
CVE References: CVE-2016-0270, CVE-2017-5933, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
GHSA
A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipul
ghsa_unreviewed·2026-06-11
CVE-2026-0270 [MEDIUM] CWE-22 A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipul
A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle (MITM) attack, to write arbitrary files to the host.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-10
Published