CVE-2026-0274 – Cortex XSIAM CommvaultSecurityIQ Marketplace

CVSS 9.1 CRITICAL High with EoP or RCE – Expedited Deployment

“When credentials are not validated correctly, protected resources stop being protected.”

Palo Alto Networks patched CVE-2026-0274 in the CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM. This improper credential validation vulnerability could allow an unauthenticated attacker to access and modify protected resources without authorization. The CVSS score is 8.1, which is High severity.

The vulnerability impacts authentication controls and can lead to unauthorized access to sensitive resources. No verified exploitation, zero-day activity, or public proof-of-concept activity has been confirmed.

Key Details

Affected Product
Paloaltonetworks Cortex Xsiam Commvaultsecurityiq Marketplace
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
CWE Classification
CWE-1390
Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.