Chronocollector Unauth Info Disclosure (CVE-2026-0239)
CVE-2026-0239 Published on May 13, 2026
Chronosphere Chronocollector Information Disclosure Vulnerability
An information disclosure vulnerability in the Chronosphere Chronocollector enables an unauthenticated attacker with network access to the collector service to retrieve sensitive information.
Timeline
Initial publication.
Weakness Type
Exposure of Sensitive System Information to an Unauthorized Control Sphere
The application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the application does.
Products Associated with CVE-2026-0239
Want to know whenever a new CVE is published for Palo Alto Networks Chronosphere Chronocollector? stack.watch will email you.
Affected Versions
Palo Alto Networks Chronosphere Chronocollector:- Version 0.0.0 and below v0.116.0 is affected.