Palo Alto Networks PSIRT
PAN-OS, GlobalProtect, Prisma, WildFire, Cortex security advisories — frequent KEV-listed CVEs (CVE-2024-3400 et al).
50 advisories tracked · showing 50
- Jul 8, 2026CVE-2026-0284MediumCVE-2026-0284
CVE-2026-0284 PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN)
- Jul 8, 2026CVE-2026-0287MediumCVE-2026-0287
CVE-2026-0287 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing
- Jul 8, 2026CVE-2026-0276LowCVE-2026-0276
CVE-2026-0276 Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability
- Jul 8, 2026CVE-2026-0283MediumCVE-2026-0283
CVE-2026-0283 PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)
- Jul 8, 2026CVE-2026-0285MediumCVE-2026-0285
CVE-2026-0285 PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface
- Jul 8, 2026PAN-SA-2026-0010HighDisclosed before NVD
PAN-SA-2026-0010 Chromium and Prisma Browser: Monthly Vulnerability Update (July 2026)
- Jul 8, 2026CVE-2026-0288HighCVE-2026-0288
CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent
- Jul 8, 2026CVE-2026-0278MediumCVE-2026-0278
CVE-2026-0278 Prisma Access Agent: Multiple DLP Policy Bypass Vulnerabilities on Windows
- Jul 8, 2026CVE-2026-0280LowCVE-2026-0280
CVE-2026-0280 PAN-OS: IPv6 Firewall Policy Bypass
- Jul 8, 2026CVE-2026-0286MediumCVE-2026-0286
CVE-2026-0286 PAN-OS: Authenticated Command Injection in CLI
- Jul 8, 2026CVE-2026-0282LowCVE-2026-0282
CVE-2026-0282 PAN-OS: File Deletion Vulnerability in Management Web Interface
- Jul 8, 2026CVE-2026-0279LowCVE-2026-0279
CVE-2026-0279 PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities
- Jul 8, 2026CVE-2026-0277MediumCVE-2026-0277
CVE-2026-0277 Prisma Access Agent: Improper Certificate Validation on iOS
- Jul 8, 2026CVE-2026-0281LowCVE-2026-0281
CVE-2026-0281 PAN-OS: Information Disclosure Vulnerability in Management Web Interface
- Jun 10, 2026CVE-2026-0266LowCVE-2026-0266
CVE-2026-0266 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
- Jun 10, 2026CVE-2026-0268MediumCVE-2026-0268
CVE-2026-0268 Prisma Access Agent: Local Authenticated VPN Enforcement Bypass on Linux
- Jun 10, 2026CVE-2026-0274HighCVE-2026-0274
CVE-2026-0274 Cortex XSOAR: Improper Validation of Credentials in CommvaultSecurityIQ integration
- Jun 10, 2026PAN-SA-2026-0009Disclosed before NVD
PAN-SA-2026-0009 Informational Bulletin: Impact assessment of OSS CVEs in Prisma SD-WAN ION (Severity: INFORMATIONAL)
- Jun 10, 2026CVE-2026-0269MediumCVE-2026-0269
CVE-2026-0269 PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing
- Jun 10, 2026CVE-2026-0273MediumCVE-2026-0273
CVE-2026-0273 PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI
- Jun 10, 2026PAN-SA-2026-0008HighDisclosed before NVD
PAN-SA-2026-0008 Chromium: Monthly Vulnerability Update (June 2026)
- Jun 10, 2026CVE-2026-0272MediumCVE-2026-0272
CVE-2026-0272 PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)
- Jun 10, 2026CVE-2026-0270MediumCVE-2026-0270
CVE-2026-0270 Cortex XSOAR: Path Traversal Vulnerability
- Jun 10, 2026CVE-2026-0267MediumCVE-2026-0267
CVE-2026-0267 GlobalProtect App: Information Exposure Vulnerability on macOS
- Jun 10, 2026CVE-2026-0271MediumCVE-2026-0271
CVE-2026-0271 Prisma Access Agent: Local Privilege Escalation by Authorized Users
- May 20, 2026CVE-2026-0264HighCVE-2026-0264
CVE-2026-0264 PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution
- May 20, 2026CVE-2026-0256MediumCVE-2026-0256
CVE-2026-0256 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
- May 20, 2026CVE-2026-0262MediumCVE-2026-0262
CVE-2026-0262 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing
- May 20, 2026CVE-2026-0258MediumCVE-2026-0258
CVE-2026-0258 PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching
- May 20, 2026CVE-2026-0265HighCVE-2026-0265
CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled
- May 20, 2026CVE-2026-0259MediumCVE-2026-0259
CVE-2026-0259 WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)
- May 20, 2026CVE-2026-0261MediumCVE-2026-0261
CVE-2026-0261 PAN-OS: Authenticated Admin Command Injection Vulnerability
- May 20, 2026CVE-2026-0257HighCVE-2026-0257
CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
- May 19, 2026CVE-2026-0251MediumCVE-2026-0251
CVE-2026-0251 GlobalProtect App: Local Privilege Escalation Vulnerabilities
- May 16, 2026CVE-2026-0300CriticalCVE-2026-0300
CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal
- May 13, 2026CVE-2026-0240MediumCVE-2026-0240
CVE-2026-0240 Trust Protection Foundation: Sensitive Information Disclosure Vulnerability
- May 13, 2026CVE-2026-0249MediumCVE-2026-0249
CVE-2026-0249 GlobalProtect App: Certificate Validation Bypass Vulnerabilities
- May 13, 2026CVE-2026-0263HighCVE-2026-0263
CVE-2026-0263 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing
- May 13, 2026CVE-2026-0238LowCVE-2026-0238
CVE-2026-0238 Broker VM: Improper Input Validation in Broker VM Certificate and Key Fields
- May 13, 2026PAN-SA-2026-0007MediumDisclosed before NVD
PAN-SA-2026-0007 Chromium and Prisma Browser: Monthly Vulnerability Update (May 2026)
- May 13, 2026CVE-2026-0245MediumCVE-2026-0245
CVE-2026-0245 Prisma Access Agent: Information Disclosure Vulnerabilities
- May 13, 2026CVE-2026-0239MediumCVE-2026-0239
CVE-2026-0239 Chronosphere Chronocollector Information Disclosure Vulnerability
- May 13, 2026CVE-2026-0250MediumCVE-2026-0250
CVE-2026-0250 GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway
- May 13, 2026CVE-2026-0244MediumCVE-2026-0244
CVE-2026-0244 Prisma SD-WAN: Improper Certificate Validation Vulnerability
- May 13, 2026CVE-2026-0248MediumCVE-2026-0248
CVE-2026-0248 Prisma Access Agent: Improper Certificate Validation Vulnerability
- May 13, 2026CVE-2026-0246MediumCVE-2026-0246
CVE-2026-0246 Prisma Access Agent: Local Privilege Escalation Vulnerability
- May 13, 2026CVE-2026-0243MediumCVE-2026-0243
CVE-2026-0243 Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through IPv6 Crafted Packet
- May 13, 2026CVE-2026-0242MediumCVE-2026-0242
CVE-2026-0242 Trust Protection Foundation: SQL Injection Vulnerability
- May 13, 2026CVE-2026-0247MediumCVE-2026-0247
CVE-2026-0247 Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities
- May 13, 2026CVE-2026-0241MediumCVE-2026-0241
CVE-2026-0241 Trust Protection Foundation: Multiple Authorization Bypass Vulnerabilities