Lucene search
K

2811 matches found

Nuclei
Nuclei
added 16 hours ago114 views

Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting

PAN-OS management web interface is vulnerable to reflected cross-site scripting. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute...

8.8CVSS7.2AI score0.2389EPSS
Exploits0References5
EUVD
EUVD
added yesterday5 views

EUVD-2026-42691

A local privilege escalation vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated administrator with access to the macOS local filesystem to perform actions on the device with root privileges. This issue only affects Prisma® Browser on macOS...

5.4CVSS6AI score
Exploits0References1
NVD
NVD
added yesterday9 views

CVE-2026-0287

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this...

8.7CVSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-0283

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-0281

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker. The...

5.9CVSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-0280

An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted...

6.3CVSS
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-42681

An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted...

6.3CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added yesterday24 views

CVE-2026-0280 PAN-OS: IPv6 Firewall Policy Bypass

An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted...

6.3CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-0280

An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted...

6.3CVSS6AI score
Exploits0References2Affected Software2
CVE
CVE
added yesterday11 views

CVE-2026-0281

Summary (CVE-2026-0281): An information disclosure vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker with network access to the management web interface to obtain web session tokens, requiring a legitimate user to click a malicious link. Affected products incl...

5.9CVSS6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-0281

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker. The...

5.9CVSS6AI score
Exploits0References2Affected Software1
CVE
CVE
added yesterday11 views

CVE-2026-0282

CVE-2026-0282 describes a file deletion vulnerability in Palo Alto Networks PAN-OS that allows an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory. Affected are PAN-OS on PA-Series and VM-Series firewalls and Panorama (virtual...

6.9CVSS6AI score
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-0283

CVE-2026-0283 concerns Palo Alto Networks PAN-OS Large Scale VPN (LSVPN). The vulnerability is an authentication bypass in LSVPN that could allow an attacker with network access to bypass restrictions and establish an unauthorized site-to-site VPN. Public write-ups reference PAN-OS versions 10.2....

7.8CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added yesterday27 views

CVE-2026-0283 PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-0284

An XML injection vulnerability in the Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data...

7.8CVSS6AI score
Exploits0References2Affected Software1
EUVD
EUVD
added yesterday5 views

EUVD-2026-42675

A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of...

8.5CVSS6.2AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-0286

A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of...

8.5CVSS6.2AI score
Exploits0References2Affected Software1
Cvelist
Cvelist
added yesterday27 views

CVE-2026-0286 PAN-OS: Authenticated Command Injection in CLI

A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of...

8.5CVSS
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-42672

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this...

8.7CVSS5.9AI score
Exploits0References1
Cvelist
Cvelist
added yesterday36 views

CVE-2026-0287 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this...

8.7CVSS
Exploits0References1
Rows per page
Query Builder