Improper Verification of Cryptographic Signature in Cortex Platforms by Palo Alto Networks
CVE-2026-0234

7.2HIGH

Key Information:

Vendor: Palo Alto Networks
Status: Cortex Xsoar Microsoft Teams Marketplace; Cortex Xsiam Microsoft Teams Marketplace
Vendor: CVE Published:; 13 April 2026

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-0234?

A vulnerability has been identified in Palo Alto Networks' Cortex XSOAR and Cortex XSIAM platforms, which stems from improper cryptographic signature verification during the integration process with Microsoft Teams. This flaw may allow an unauthorized user to gain access to and modify resources that are otherwise protected, potentially leading to unauthorized data disclosure or manipulation. Organizations using these platforms should assess their security measures and apply necessary patches to ensure their environments remain secure.

Affected Version(s)

Cortex XSIAM Microsoft Teams Marketplace 1.5.0 < 1.5.52

Cortex XSOAR Microsoft Teams Marketplace 1.5.0 < 1.5.52

References

https://security.paloaltonetworks.com/CVE-2026-0234

vendor-advisory

CVSS V4

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Apr 13, 2026
Vulnerability published
Apr 13, 2026
Vulnerability Reserved
Nov 3, 2025

Credit

quinn

CVE-2026-0234 Data

JSON