CVE Vulnerabilities

CVE-2026-0276

Improper Privilege Management

Published: Jul 09, 2026 | Modified: Jul 16, 2026
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io logo minimus.io logo echo.ai logo

A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user.

Weakness

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Software

NameVendorStart VersionEnd Version
Cortex_xdr_broker_vmPaloaltonetworks20.0.96 (including)31.0.58 (excluding)

Potential Mitigations

References