CVE-2026-0239

Summary

An information disclosure vulnerability in the Chronosphere Chronocollector enables an unauthenticated attacker with network access to the collector service to retrieve sensitive information.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksChronosphere Chronocollector0.0.0 < v0.116.0affected

Weaknesses

  • CWE-497: CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere

Workarounds

No known workarounds exist for this issue.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References