Improper Cert Sig Verif in Palo Alto Cortex XSOAR/XSIAM Teams Integration
CVE-2026-0234 Published on April 13, 2026

Cortex XSOAR: Improper Verification of Cryptographic Signature in Microsoft Teams integration
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access and modify protected resources.

Vendor Advisory NVD

Timeline

2026-04-08

Initial Publication

Weakness Type

Improper Verification of Cryptographic Signature

The software does not verify, or incorrectly verifies, the cryptographic signature for data.

Products Associated with CVE-2026-0234

stack.watch emails you whenever new vulnerabilities are published in Palo Alto Networks Cortex Xsoar Microsoft Teams Marketplace or Palo Alto Networks Cortex Xsiam Microsoft Teams Marketplace. Just hit a watch button to start following.

Palo Alto Networks Cortex Xsoar Microsoft Teams Marketplace

Palo Alto Networks Cortex Xsiam Microsoft Teams Marketplace

Affected Versions

Palo Alto Networks Cortex XSOAR Microsoft Teams Marketplace:

Version 1.5.0 and below 1.5.52 is affected.

Palo Alto Networks Cortex XSIAM Microsoft Teams Marketplace:

Version 1.5.0 and below 1.5.52 is affected.

Exploit Probability

EPSS

0.03%

Percentile

7.35%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.