Lucene search
K

902 matches found

NVD
NVD
added 5 days ago7 views

CVE-2026-0286

A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of...

8.5CVSS0.01101EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-0281

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker. The...

7.1CVSS0.00357EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago8 views

CVE-2026-0281

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker. The...

5.9CVSS6AI score0.00357EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42675

A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of...

8.5CVSS6.2AI score0.01101EPSS
Exploits0References1
ICS
ICS
added 2026/07/07 6:0 a.m.5 views

Hydro-Québec Le Circuit Electrique charging station backend

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could lead to privilege escalation, or result in a denial-of-service attack. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network...

9.8CVSS6.1AI score0.00519EPSS
Exploits0References11
Nuclei
Nuclei
added 2026/06/28 3:8 p.m.168 views

ZyXel USG - Hardcoded Credentials

A hardcoded credential vulnerability was identified in the 'zyfwp' user account in some Zyxel firewalls and AP controllers. The account was designed to deliver automatic firmware updates to connected access points through FTP. id: CVE-2020-29583 info: name: ZyXel USG - Hardcoded Credentials autho...

10CVSS7.6AI score0.90049EPSS
Exploits2References5
Snyk
Snyk
added 2026/06/18 1:1 p.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the processing of user-supplied URLs in outgoing HTTP components, including notification channels, OIDC backchannel logout, and SAML metadata fetches. An attacker can access internal network resources...

4.2CVSS6AI score0.00252EPSS
Exploits0References2
ICS
ICS
added 2026/06/18 6:0 a.m.14 views

AVer PTC cameras

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control system devices and/or...

9.8CVSS6.2AI score0.00616EPSS
Exploits0References13
CVE
CVE
added 2026/06/10 8:30 p.m.40 views

CVE-2026-0266

CVE-2026-0266 concerns a Stored Cross-Site Scripting (XSS) vulnerability in Palo Alto Networks PAN-OS web interface. The connected documents specify that an authenticated administrator can store a JavaScript payload via the PAN-OS web UI, affecting PAN-OS on PA-Series and VM-Series firewalls as w...

4.8CVSS5.2AI score0.00213EPSS
Exploits0References2Affected Software1
The Hacker News
The Hacker News
added 2026/06/09 11:30 a.m.21 views

The Hidden Security Risk in Modern Networks: The Work Between Tools

Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant...

5.8AI score
Exploits0
CheckPoint Security
CheckPoint Security
added 2026/06/07 12:0 a.m.33 views

CVE-2026-50752 - VPN site to site certificate bypass vulnerability in deprecated IKEv1 key exchange

Symptoms - A vulnerability in the certificate validation logic of the deprecated IKEv1 key exchange method may lead to a man-in-the-middle attack on the VPN site-to-site configuration. This vulnerability was discovered by Check Point security research team. There are no reported exploits of this...

7.4CVSS6.1AI score0.04859EPSS
Exploits0
Information Security Automation
Information Security Automation
added 2026/06/05 10:0 a.m.13 views

About Remote Code Execution - PAN-OS (CVE-2026-0300) vulnerability

About Remote Code Execution - PAN-OS CVE-2026-0300 vulnerability. PAN-OS is an operating system for Palo Alto Networks firewalls and security platforms. User-ID™ Authentication Portal also known as Captive Portal is a non-default PAN-OS feature used to map IP addresses to usernames. By exploiting...

9.8CVSS6.7AI score0.32074EPSS
Exploits6
ICS
ICS
added 2026/06/04 6:0 a.m.15 views

NAVTOR NavBox

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow a local attacker to gain unauthorized access to SOAP methods, resulting in a disruption of operations. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

6.3CVSS5.3AI score0.00122EPSS
Exploits0References13
ICS
ICS
added 2026/05/28 6:0 a.m.20 views

KMW CCTV Security Cameras

ADVISORY SUMMARY Successful exploitation of this vulnerability may grant full unauthorized access to camera feeds and settings. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all...

9.1CVSS5.8AI score0.00624EPSS
Exploits0References13
Microsoft Secure
Microsoft Secure
added 2026/05/22 4:53 p.m.43 views

From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

In this article 1. Attack chain overview 1. Initial access: Exploiting edge appliances 2. Discovery and reconnaissance 3. Lateral movement and identity compromise 2. Mitigation and protection guidance 1. Microsoft Defender XDR detections 2. Advanced hunting 3. Indicators of compromise IOC 4. MITR...

8.8CVSS8AI score0.64987EPSS
Exploits7
CheckPoint Security
CheckPoint Security
added 2026/05/20 12:0 a.m.22 views

CVE-2026-48132 - VPN service may restart unexpectedly when processing IKE traffic over NAT-T 4500/UDP

Symptoms - The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption o...

8.1CVSS5.4AI score0.02139EPSS
Exploits0
ICS
ICS
added 2026/05/19 6:0 a.m.26 views

ScadaBR

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to perform unauthenticated remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network...

6.3AI score
Exploits0References13
Cvelist
Cvelist
added 2026/05/13 5:59 p.m.32 views

CVE-2026-0261 PAN-OS: Authenticated Admin Command Injection Vulnerability

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security ri...

8.6CVSS0.01336EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 5:38 p.m.8 views

CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled

An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service CAS is enabled. The risk is higher if CAS is enabled on the management interface and lower when...

9.2CVSS5.8AI score0.0044EPSS
Exploits3References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.13 views

Palo Alto Networks PAN-OS 数据伪造问题漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall devices. There is a vulnerability in Palo Alto Networks PAN-OS related to data manipulation, which stems from an authentication bypass mechanism. This vulnerability could allow unauthenticated...

9.2CVSS5.8AI score0.0044EPSS
Exploits3References1
Rows per page
Query Builder