Lucene search
K

259 matches found

NVD
NVD
added 6 days ago6 views

CVE-2026-0278

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS0.00151EPSS
Exploits0References1
NVD
NVD
added 6 days ago6 views

CVE-2026-0277

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS0.00125EPSS
Exploits0References1
NVD
NVD
added 6 days ago8 views

CVE-2026-0282

A file deletion vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory. The security risk posed by this issue is minimized by restricting access to the management web...

6.9CVSS0.00288EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42689

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS6AI score0.00125EPSS
Exploits0References1
CVE
CVE
added 6 days ago17 views

CVE-2026-0277

The CVE covers Prisma Access Agent for iOS with an improper certificate validation weakness enabling a man-in-the-middle to intercept VPN traffic. Other platforms (Windows, macOS, Linux, Android, ChromeOS) are not affected. Root cause: improper certificate validation in iOS client. Impact is desc...

8.7CVSS6AI score0.00125EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-0277

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS6AI score0.00125EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago37 views

CVE-2026-0277 Prisma Access Agent: Improper Certificate Validation on iOS

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS0.00125EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42688

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS5.9AI score0.00151EPSS
Exploits0References1
CVE
CVE
added 6 days ago13 views

CVE-2026-0278

Summary: CVE-2026-0278 affects the Prisma Access Agent on Windows, where multiple protection mechanism failures in the Data Loss Prevention (DLP) component allow bypass of DLP policy enforcement. The macOS agent is not affected. Affected versions: 24.0 through 26.2. Impact: DLP controls can be ci...

8.4CVSS5.9AI score0.00151EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-0278

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS5.9AI score0.00151EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 6 days ago36 views

CVE-2026-0278 Prisma Access Agent: Multiple DLP Policy Bypass Vulnerabilities on Windows

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS0.00151EPSS
Exploits0References1
CVE
CVE
added 6 days ago12 views

CVE-2026-0281

CVE-2026-0281 describes an information-disclosure vulnerability in Palo Alto Networks PAN-OS. An unauthenticated attacker with network access to the management web interface can obtain web session tokens, but exploitation requires a legitimate user to click a malicious link. Affected products inc...

7.1CVSS6AI score0.00278EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42679

A file deletion vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory. The security risk posed by this issue is minimized by restricting access to the management web...

6.9CVSS6AI score0.00288EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42678

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS6AI score0.00338EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago5 views

CVE-2026-0286

A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of...

8.5CVSS6.2AI score0.014EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-0286 PAN-OS: Authenticated Command Injection in CLI

A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of...

8.5CVSS0.014EPSS
Exploits0References1
CVE
CVE
added 6 days ago15 views

CVE-2026-0286

Summary: CVE-2026-0286 is a command-injection vulnerability in the PAN-OS management plane. An authenticated administrator can execute arbitrary OS commands as root, via the CLI. The flaw affects PAN-OS on PA-Series and VM-Series firewalls and Panorama (virtual and M-Series); Cloud NGFW and Prism...

8.5CVSS6.2AI score0.014EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.5 views

PT-2026-56529

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS5.9AI score0.00151EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/11 12:32 a.m.10 views

EUVD-2026-36134

A cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama virtual and...

4.8CVSS5.2AI score0.00126EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 12:32 a.m.11 views

EUVD-2026-36144

A security control bypass vulnerability in Prisma Access Agent for Linux allows a local attacker to route network traffic outside the VPN tunnel. This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS...

6.9CVSS5.5AI score0.00095EPSS
Exploits0References2
Rows per page
Query Builder