Path traversal in Palo Alto Cortex XSOAR (Linux) allows arbitrary file write
CVE-2026-0270 Published on June 10, 2026
Cortex XSOAR: Path Traversal Vulnerability
A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle (MITM) attack, to write arbitrary files to the host.
Timeline
Initial publication
Weakness Type
What is a Directory traversal Vulnerability?
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
CVE-2026-0270 has been classified to as a Directory traversal vulnerability or weakness.
Products Associated with CVE-2026-0270
Want to know whenever a new CVE is published for Palo Alto Networks Cortex Xsoar? stack.watch will email you.
Affected Versions
Palo Alto Networks Cortex XSOAR:- Version 8.13 and below 8.13.0.11 is affected.
- Version 8.12.0 is affected.
- Version 8.11.0 is affected.
- Version 8.10.0 is affected.
- Version 6.14.0 is unaffected.
- Version 6.13.0 is unaffected.
- Version 6.12.0 is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.