GHSA-7g39-pmpc-x999MediumCVSS 8.8

An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500...

Published
May 13, 2026
Last Modified
July 14, 2026

🔗 CVE IDs covered (1)

📋 Description

An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.

The WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.

Please note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.

🔗 References (3)