Lucene search
K

151 matches found

NVD
NVD
added 6 days ago8 views

CVE-2026-0284

An XML injection vulnerability in the Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data...

9.9CVSS0.00448EPSS
Exploits0References1
NVD
NVD
added 6 days ago8 views

CVE-2026-0283

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS0.00338EPSS
Exploits0References1
CVE
CVE
added 6 days ago26 views

CVE-2026-0283

CVE-2026-0283 concerns Palo Alto Networks PAN-OS Large Scale VPN (LSVPN). The vulnerability is an authentication bypass in LSVPN that could allow an attacker with network access to bypass restrictions and establish an unauthorized site-to-site VPN. Public write-ups reference PAN-OS versions 10.2....

7.8CVSS6AI score0.00338EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 6 days ago36 views

CVE-2026-0283 PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS0.00338EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42678

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS6AI score0.00338EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago8 views

CVE-2026-0284

An XML injection vulnerability in the Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data...

7.8CVSS6AI score0.00448EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-42677

An XML injection vulnerability in the Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data...

7.8CVSS6AI score0.00448EPSS
Exploits0References1
CVE
CVE
added 6 days ago11 views

CVE-2026-0284

CVE-2026-0284 describes an XML injection vulnerability in the PAN-OS Large Scale VPN (LSVPN) functionality. An unauthenticated attacker with network access can inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data. PAN-OS compon...

9.9CVSS6AI score0.00448EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 6 days ago47 views

CVE-2026-0284 PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN)

An XML injection vulnerability in the Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data...

7.8CVSS0.00448EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.6 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. An XML injection vulnerability in the Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software enables ...

9.9CVSS7AI score0.00448EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.7 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allo...

7.8CVSS7AI score0.00338EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.11 views

FreeType Automated Font Corpus Scanner

This Python framework implements a structured font-analysis pipeline for large-scale robustness testing of FreeType font parsing behavior...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/26 12:0 a.m.11 views

The Fault in Our Drafts: Vulnerabilities in RPKI Specification and Software

The Resource Public Key Infrastructure RPKI secures the Internet's routing system by defining a complex trust and validation framework for certificates, Route Origin Authorizations ROAs, manifests, and Certificate Revocation Lists CRLs. These mechanisms are specified across dozens of RFCs. This...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/05/25 12:2 p.m.32 views

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 CVSS score: 9.4, an SQL injection vulnerability in...

9.4CVSS6.5AI score0.69996EPSS
Exploits7
Packet Storm News
Packet Storm News
added 2026/05/17 12:0 a.m.29 views

ADR: An Agentic Detection System for Enterprise Agentic AI Security

We present the Agentic AI Detection and Response ADR system, the first large-scale, production-proven enterprise framework for securing AI agents operating through the Model Context Protocol MCP. We identify three persistent challenges in this domain: 1 limited observability -- existing Endpoint...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/29 12:0 a.m.11 views

VulStyle: A Multi-Modal Pre-Training for Code Stylometry-Augmented Vulnerability Detection

We present VulStyle, a multi-modal software vulnerability detection model that jointly encodes function-level source code, non-terminal Abstract Syntax Tree AST structure, and code stylometry CStyle features. Prior work in code representation primarily leverages token-level models or full AST...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/29 12:0 a.m.30 views

Indirect Prompt Injection in the Wild: An Empirical Study of Prevalence, Techniques, and Objectives

As LLMs are increasingly integrated into systems that browse, retrieve, summarize, and act on web content, webpages have become an untrusted input vector for downstream model behavior. This enables site owners, contributors, and adversaries to embed instructions directly in web resources, i.e.,...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.7 views

Hackers or Hallucinators? A Comprehensive Analysis of LLM-Based Automated Penetration Testing

The rapid advancement of Large Language Models LLMs has created new opportunities for Automated Penetration Testing AutoPT, spawning numerous frameworks aimed at achieving end-to-end autonomous attacks. However, despite the proliferation of related studies, existing research generally lacks...

6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/04/06 4:34 p.m.54 views

Inside an AI‑enabled device code phishing campaign

In this article 1. Attack chain overview 2. Mitigation and protection guidance 3. Indicators of compromise IOC 4. References 5. Learn more Microsoft Defender Security Research has observed a widespread phishing campaign leveraging the Device Code Authentication flow to compromise organizational...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/30 12:0 a.m.42 views

Debt behind the AI Boom: A Large-Scale Empirical Study of AI-Generated Code in the Wild

AI coding assistants are now widely used in software development. Software developers increasingly integrate AI-generated code into their codebases to improve productivity. Prior studies have shown that AI-generated code may contain code quality issues under controlled settings. However, we still...

6AI score
Exploits0
Rows per page
Query Builder