May 20, 2026

CVE-2026-0264HighCVE-2026-0264

CVE-2026-0264 PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution

May 20, 2026

CVE-2026-0256MediumCVE-2026-0256

CVE-2026-0256 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

May 20, 2026

CVE-2026-0262MediumCVE-2026-0262

CVE-2026-0262 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing

May 20, 2026

CVE-2026-0258MediumCVE-2026-0258

CVE-2026-0258 PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching

May 20, 2026

CVE-2026-0265HighCVE-2026-0265

CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled

May 20, 2026

CVE-2026-0259MediumCVE-2026-0259

CVE-2026-0259 WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)

May 20, 2026

CVE-2026-0261MediumCVE-2026-0261

CVE-2026-0261 PAN-OS: Authenticated Admin Command Injection Vulnerability

May 20, 2026

CVE-2026-0257HighCVE-2026-0257

CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities

May 19, 2026

CVE-2026-0251MediumCVE-2026-0251

CVE-2026-0251 GlobalProtect App: Local Privilege Escalation Vulnerabilities

May 16, 2026

CVE-2026-0300CriticalCVE-2026-0300

CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal

May 13, 2026

CVE-2026-0240MediumCVE-2026-0240

CVE-2026-0240 Trust Protection Foundation: Sensitive Information Disclosure Vulnerability

May 13, 2026

CVE-2026-0249MediumCVE-2026-0249

CVE-2026-0249 GlobalProtect App: Certificate Validation Bypass Vulnerabilities

May 13, 2026

CVE-2026-0263HighCVE-2026-0263

CVE-2026-0263 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing

May 13, 2026

CVE-2026-0238LowCVE-2026-0238

CVE-2026-0238 Broker VM: Improper Input Validation in Broker VM Certificate and Key Fields

May 13, 2026

PAN-SA-2026-0007MediumDisclosed before NVD

PAN-SA-2026-0007 Chromium and Prisma Browser: Monthly Vulnerability Update (May 2026)

May 13, 2026

CVE-2026-0245MediumCVE-2026-0245

CVE-2026-0245 Prisma Access Agent: Information Disclosure Vulnerabilities

May 13, 2026

CVE-2026-0239MediumCVE-2026-0239

CVE-2026-0239 Chronosphere Chronocollector Information Disclosure Vulnerability

May 13, 2026

CVE-2026-0250MediumCVE-2026-0250

CVE-2026-0250 GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway

May 13, 2026

CVE-2026-0244MediumCVE-2026-0244

CVE-2026-0244 Prisma SD-WAN: Improper Certificate Validation Vulnerability

May 13, 2026

CVE-2026-0248MediumCVE-2026-0248

CVE-2026-0248 Prisma Access Agent: Improper Certificate Validation Vulnerability

May 13, 2026

CVE-2026-0246MediumCVE-2026-0246

CVE-2026-0246 Prisma Access Agent: Local Privilege Escalation Vulnerability

May 13, 2026

CVE-2026-0243MediumCVE-2026-0243

CVE-2026-0243 Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through IPv6 Crafted Packet

May 13, 2026

CVE-2026-0242MediumCVE-2026-0242

CVE-2026-0242 Trust Protection Foundation: SQL Injection Vulnerability

May 13, 2026

CVE-2026-0247MediumCVE-2026-0247

CVE-2026-0247 Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities

May 13, 2026

CVE-2026-0241MediumCVE-2026-0241

CVE-2026-0241 Trust Protection Foundation: Multiple Authorization Bypass Vulnerabilities