CVE-2026-0238

A vulnerability in Palo Alto Networks Broker VM allows an authenticated administrator to inject arbitrary content into certain Broker VM fields...

CVE-2026-41044

A flaw was found in Apache ActiveMQ. An authenticated attacker can exploit an improper input validation vulnerability in the admin web console to craft a malicious broker name. This malicious name, containing an xbean binding, can be used by a virtual machine VM transport to load a remote Spring...

EUVD-2026-11251

An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. The attacker must have network access to the Broke...

CVE-2026-0231 Cortex XDR Broker VM: Sensitive Information Disclosure Vulnerability

An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. The attacker must have network access to the Broke...

EUVD-2025-24615

Malicious code in bioql PyPI...

CVE-2025-2184

A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations. The attacker must have...

CVE-2025-2184

A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations. The attacker must have...

CVE-2025-2184

Summary: CVE-2025-2184 describes a credential management flaw in Palo Alto Networks Cortex XDR® Broker VM. Different Broker VM images reportedly share identical default credentials for internal services, enabling an attacker with network access to access internal services on other Broker VM insta...

CVE-2025-2184 Cortex XDR Broker VM: Secrets Shared Across Multiple Broker VM Images

A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations. The attacker must have...

CVE-2025-0134

A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary code with root privileges on the host operating system running Broker VM...

Palo Alto Networks Cortex XDR Broker VM 访问控制错误漏洞

Palo Alto Networks Cortex XDR Broker VM is a secure virtual machine from Palo Alto Networks, Inc. that integrates with Cortex XDR to bridge the network and Cortex XDR. A security vulnerability exists in the Palo Alto Networks Cortex XDR Broker VM that stems from a lack of authentication that coul...

Palo Alto Networks Cortex XDR Broker VM 操作系统命令注入漏洞

Palo Alto Networks Cortex XDR Broker VM is a secure virtual machine from Palo Alto Networks, Inc. that integrates with Cortex XDR to bridge the network and Cortex XDR. A security vulnerability exists in the Palo Alto Networks Cortex XDR Broker VM, which stems from command injection and could lead...

PT-2025-33024

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR® Broker VM affected versions not specified Description: A credential management flaw exists in Palo Alto Networks Cortex XDR® Broker VM where different Broker VM images share identical default credentials for...