CVE-2026-0288
- EPSS 0.52%
- Veröffentlicht 08.07.2026 20:14:32
- Zuletzt bearbeitet 09.07.2026 16:39:17
Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially exec...
CVE-2026-0273
- EPSS 1.19%
- Veröffentlicht 10.06.2026 21:01:45
- Zuletzt bearbeitet 11.06.2026 15:21:30
A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to th...
- EPSS 0.24%
- Veröffentlicht 10.06.2026 21:01:10
- Zuletzt bearbeitet 11.06.2026 15:21:30
A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges. The security risk posed by thi...
CVE-2026-0269
- EPSS 0.19%
- Veröffentlicht 10.06.2026 20:54:29
- Zuletzt bearbeitet 11.06.2026 15:21:30
A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the...
CVE-2026-0266
- EPSS 0.21%
- Veröffentlicht 10.06.2026 20:30:04
- Zuletzt bearbeitet 11.06.2026 15:21:30
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM...
CVE-2026-0256
- EPSS 0.28%
- Veröffentlicht 13.05.2026 18:18:05
- Zuletzt bearbeitet 09.06.2026 10:16:39
A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series...
CVE-2026-0257
- EPSS 86.68%
- Veröffentlicht 13.05.2026 18:15:10
- Zuletzt bearbeitet 09.06.2026 12:47:03
Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not im...
CVE-2026-0258
- EPSS 0.32%
- Veröffentlicht 13.05.2026 18:08:36
- Zuletzt bearbeitet 09.06.2026 10:16:40
A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of se...
CVE-2026-0261
- EPSS 1.34%
- Veröffentlicht 13.05.2026 17:59:31
- Zuletzt bearbeitet 09.06.2026 10:16:40
Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have acce...
CVE-2026-0262
- EPSS 0.34%
- Veröffentlicht 13.05.2026 17:49:43
- Zuletzt bearbeitet 09.06.2026 10:16:41
Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic. Panorama and Cloud NG...