CVE-2026-0274 – Cortex XSIAM CommvaultSecurityIQ Marketplace
CVSS 9.1
CRITICAL
High with EoP or RCE – Expedited Deployment
“When credentials are not validated correctly, protected resources stop being protected.”
Palo Alto Networks patched CVE-2026-0274 in the CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM. This improper credential validation vulnerability could allow an unauthenticated attacker to access and modify protected resources without authorization. The CVSS score is 8.1, which is High severity.
The vulnerability impacts authentication controls and can lead to unauthorized access to sensitive resources. No verified exploitation, zero-day activity, or public proof-of-concept activity has been confirmed.
Key Details
- Affected Product
- Paloaltonetworks Cortex Xsiam Commvaultsecurityiq Marketplace
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-1390
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.