CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1949 matches found

Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting

PAN-OS management web interface is vulnerable to reflected cross-site scripting. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute...

8.8CVSS7.9AI score0.2389EPSS

Exploits0References5

Nuclei•added yesterday•185 views

PAN-OS - Reflected Cross-Site Scripting

A reflected cross-site scripting XSS vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a specially crafted link.The...

6.9CVSS6.3AI score0.3138EPSS

Exploits7References2

Nuclei•added 2 days ago•147 views

PAN-OS Management Web Interface - Authentication Bypass

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege...

9.8CVSS8.3AI score0.99698EPSS

Exploits18References3

Nuclei•added 2 days ago•162 views

PAN-OS Management Interface - Path Confusion to Authentication Bypass

A vulnerability in PAN-OS management interface allows authentication bypass through path confusion between Nginx and Apache handlers.The issue occurs due to differences in path processing between Nginx and Apache, where double URL encoding combined with directory traversal can bypass authenticati...

9.1CVSS8.3AI score0.98338EPSS

Exploits8References1

Nuclei•added 2 days ago•611 views

GlobalProtect - OS Command Injection

A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.Cloud NGFW, Panorama...

10CVSS9.2AI score0.99999EPSS

Exploits43References5

The Hacker News•added 3 days ago•11 views

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw

Palo Alto Networks has revealed that it has observed "active exploitation" of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to GlobalProtect portals. The vulnerability in question is CVE-2026-0257 CVSS score: 7.8, an authentication bypass flaw...

9.1CVSS6.1AI score0.18583EPSS

Exploits9

EUVD•added 2026/06/11 12:32 a.m.•8 views

EUVD-2026-36145

A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Panorama,...

6.9CVSS5.5AI score0.00182EPSS

Exploits0References2

NVD•added 2026/06/10 10:16 p.m.•8 views

CVE-2026-0273

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed...

8.6CVSS0.00825EPSS

Exploits0References1

Cvelist•added 2026/06/10 9:1 p.m.•26 views

CVE-2026-0273 PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI

8.6CVSS0.00825EPSS

Exploits0References1

Vulnrichment•added 2026/06/10 9:1 p.m.•14 views

CVE-2026-0273 PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI

8.6CVSS5.7AI score0.00825EPSS

Exploits0References1

GithubExploit•added 2026/06/10 7:34 a.m.•37 views

Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os

🚨 CVE-2026-0257 – PAN-OS GlobalProtect Authentication Bypass...

9.1CVSS5.9AI score0.18583EPSS

Exploits9

Tenable Nessus•added 2026/06/10 12:0 a.m.•10 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass...

8.6CVSS5.7AI score0.00825EPSS

Exploits0References2

Tenable Nessus•added 2026/06/10 12:0 a.m.•4 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows an authenticated administrator with...

8.5CVSS5.4AI score0.00229EPSS

Exploits0References2

CNNVD•added 2026/06/10 12:0 a.m.•4 views

Palo Alto Networks PAN-OS 跨站脚本漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall devices. Palo Alto Networks PAN-OS has a cross-site scripting vulnerability. This vulnerability stems from cross-site scripting, and it could allow malicious authenticated administrators to use the w...

4.8CVSS5AI score0.00213EPSS

Exploits0References1

CNNVD•added 2026/06/10 12:0 a.m.•7 views

Palo Alto Networks PAN-OS 代码问题漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall devices. There is a code vulnerability in Palo Alto Networks PAN-OS, which stems from memory corruption during tunnel traffic processing. This vulnerability could allow authenticated users to initiat...

6.9CVSS5.5AI score0.00182EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:25 p.m.•6 views

CVE-2026-0256

A stored cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama virtual an...

6.9CVSS5.2AI score0.0028EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:12 p.m.•6 views

CVE-2026-0263

A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service DoS condition. Panorama, Cloud NGFW, and Prisma® Access...

9.2CVSS6.4AI score0.0031EPSS

Exploits0References1

The Hacker News•added 2026/06/01 1:59 p.m.•16 views

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the wild, and then the usual bonus round: poisoned dev tools, sketchy forum chatter, phishing kits pretending to be productivity, and AI loweri...

9.1CVSS7.2AI score0.18583EPSS

Exploits9

GithubExploit•added 2026/06/01 12:2 p.m.•84 views

Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os

CVE-2026-0257 - Palo Alto Networks GlobalProtect Authenticatio...

9.1CVSS6AI score0.18583EPSS

Exploits9

GithubExploit•added 2026/06/01 12:41 a.m.•87 views

Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os

CVE-2026-0257 - GlobalProtect portal Authentication Bypass...

9.1CVSS6AI score0.18583EPSS

Exploits9