CVE-2026-0279
- EPSS -
- Veröffentlicht 09.07.2026 19:08:41
- Zuletzt bearbeitet 09.07.2026 19:38:09
Multiple cross site scripting vulnerabilities in the User-ID™ Authentication Portal (aka Captive Portal) service, GlobalProtect™ gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS® software enables a malicious unauthenticated use...
CVE-2026-0281
- EPSS -
- Veröffentlicht 09.07.2026 19:03:44
- Zuletzt bearbeitet 09.07.2026 19:38:09
An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a m...
CVE-2026-0282
- EPSS -
- Veröffentlicht 09.07.2026 19:02:26
- Zuletzt bearbeitet 09.07.2026 19:38:09
A file deletion vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory. The security risk posed by this issue is minimiz...
- EPSS -
- Veröffentlicht 09.07.2026 18:56:29
- Zuletzt bearbeitet 09.07.2026 19:38:09
A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when...
CVE-2026-0273
- EPSS 1.19%
- Veröffentlicht 10.06.2026 21:01:45
- Zuletzt bearbeitet 11.06.2026 15:21:30
A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to th...
- EPSS 0.24%
- Veröffentlicht 10.06.2026 21:01:10
- Zuletzt bearbeitet 11.06.2026 15:21:30
A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges. The security risk posed by thi...
CVE-2026-0266
- EPSS 0.21%
- Veröffentlicht 10.06.2026 20:30:04
- Zuletzt bearbeitet 11.06.2026 15:21:30
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM...
CVE-2026-0256
- EPSS 0.28%
- Veröffentlicht 13.05.2026 18:18:05
- Zuletzt bearbeitet 09.06.2026 10:16:39
A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series...
CVE-2026-0261
- EPSS 1.34%
- Veröffentlicht 13.05.2026 17:59:31
- Zuletzt bearbeitet 09.06.2026 10:16:40
Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have acce...
CVE-2026-0265
- EPSS 0.44%
- Veröffentlicht 13.05.2026 17:38:33
- Zuletzt bearbeitet 09.06.2026 10:16:42
An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS i...