Palo Alto Prisma Access Agent 25.x / 26.x < 26.2.1 Authentication Bypass (CVE-2026-0247)

The version of Palo Alto Networks Prisma Access Agent installed on the remote host is 25.x or 26.x prior to 26.2.1. It is, therefore, affected by an authentication bypass vulnerability: - Multiple authorization bypass vulnerabilities in the Endpoint DLP component allow a local attacker to bypass...

CVE-2026-0247

Multiple authorization bypass vulnerabilities in the Endpoint DLP component of Prisma Access Agent® allow a local attacker to bypass authentication controls and execute privileged operations...

CVE-2026-0247

Multiple authorization bypass vulnerabilities in the Endpoint DLP component of Prisma Access Agent® allow a local attacker to bypass authentication controls and execute privileged operations...

CVE-2026-0247 Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities

Multiple authorization bypass vulnerabilities in the Endpoint DLP component of Prisma Access Agent® allow a local attacker to bypass authentication controls and execute privileged operations...

CVE-2026-0247 Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities

Multiple authorization bypass vulnerabilities in the Endpoint DLP component of Prisma Access Agent® allow a local attacker to bypass authentication controls and execute privileged operations...

Palo Alto Networks Prisma Access Agent 访问控制错误漏洞

Palo Alto Networks Prisma Access Agent is a zero-trust network access client agent developed by Palo Alto Networks. The Palo Alto Networks Prisma Access Agent has a security vulnerability related to access control. This vulnerability stems from multiple authorization bypass issues within the...

PT-2026-35948

Netskope was notified about a potential gap in the Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an out-of-bounds read within a driver, leading to a Blue-Screen-of-Death BSOD. Successful...

CVE-2025-15584

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an integer overflow within the filter communication port, leading to a Blue-Screen-of-Death...

CVE-2026-2809

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death BSOD. Successful...

CVE-2026-2809 Endpoint DLP Driver DLL

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death BSOD. Successful...

CVE-2026-2809 Endpoint DLP Driver DLL

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death BSOD. Successful...

CVE-2025-15584

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an integer overflow within the filter communication port, leading to a Blue-Screen-of-Death...

CVE-2026-28395

OpenClaw version 2026.1.14-1 prior to 2026.2.12 contains an improper network binding vulnerability in the Chrome extension must be installed and enabled relay server that treats wildcard hosts as loopback addresses, allowing the relay HTTP/WS server to bind to all interfaces when a wildcard cdpUr...

CVE-2025-58579

Due to a lack of authentication, it is possible for an unauthenticated user to request data from this endpoint, making the application vulnerable for user enumeration...

CVE-2025-58579

Due to a lack of authentication, it is possible for an unauthenticated user to request data from this endpoint, making the application vulnerable for user enumeration...

EUVD-2025-32500

Due to a lack of authentication, it is possible for an unauthenticated user to request data from this endpoint, making the application vulnerable for user enumeration...

EUVD-2025-24660

Malicious code in bioql PyPI...

CVE-2025-5942

Netskope was notified about a potential gap in its agent NS Client on Windows systems. If this gap is successfully exploited, an unprivileged user can trigger a heap overflow in the epdlpdrv.sys driver, leading to a Blue-Screen-of-Death BSOD. Successful exploitation can also potentially be...

HCL Technologies BigFix Insights for Vulnerability Remediation (IVR) Weak Encryption Vulnerability

HCL Technologies BigFix Insights is a U.S.-based company that accelerates risk identification and decision making through elevated views of endpoint queue data, rich reporting, and integration with existing business intelligence tools. HCL Technologies BigFix Insights for Vulnerability Remediatio...

CVE-2022-31457

RTX TRAP v1.0 allows attackers to perform a directory traversal via a crafted request sent to the endpoint /data/...