Lucene search
K

270 matches found

NVD
NVD
added 5 days ago8 views

CVE-2026-0282

A file deletion vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory. The security risk posed by this issue is minimized by restricting access to the management web...

6.9CVSS0.00357EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-0279

Multiple cross site scripting vulnerabilities in the User-ID™ Authentication Portal aka Captive Portal service, GlobalProtect™ gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS® software enables a malicious unauthenticated user to store or execute malicious JavaScript payloa...

5.3CVSS5.4AI score0.01172EPSS
Exploits0References2Affected Software2
CVE
CVE
added 5 days ago12 views

CVE-2026-0281

CVE-2026-0281 describes an information-disclosure vulnerability in Palo Alto Networks PAN-OS. An unauthenticated attacker with network access to the management web interface can obtain web session tokens, but exploitation requires a legitimate user to click a malicious link. Affected products inc...

7.1CVSS6AI score0.00357EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42678

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS6AI score0.00577EPSS
Exploits0References1
CVE
CVE
added 5 days ago14 views

CVE-2026-0286

Summary: CVE-2026-0286 is a command-injection vulnerability in the PAN-OS management plane. An authenticated administrator can execute arbitrary OS commands as root, via the CLI. The flaw affects PAN-OS on PA-Series and VM-Series firewalls and Panorama (virtual and M-Series); Cloud NGFW and Prism...

8.5CVSS6.2AI score0.01101EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-56586

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 12.1.8 PAN-OS versions prior to 11.2.13 PAN-OS versions prior to 11.1.16 PAN-OS versions prior to 10.2.18-h8 Description A command injection issue exists in the management plane of the software, specifically within the...

8.5CVSS6.2AI score0.01101EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/11 12:32 a.m.12 views

EUVD-2026-36145

A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Panorama,...

6.9CVSS5.5AI score0.00192EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 12:32 a.m.10 views

EUVD-2026-36134

A cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama virtual and...

4.8CVSS5.2AI score0.00213EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.11 views

CVE-2026-0256

A stored cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama virtual an...

6.9CVSS5.2AI score0.0028EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2026/05/14 12:0 a.m.69 views

ePati Antikor NGFW 2.0.1301 - Authentication Bypass

Exploit Title: ePati Antikor NGFW 2.0.1301 - Authentication Bypass Date: 2026-04-13 Exploit Author: SADIK ERTÜRK Vendor Homepage: https://www.epati.com.tr/ Software Link: https://www.epati.com.tr/antikor-ngfw/ Version: v.2.0.1298 - v.2.0.1301 Tested on: Linux / Antikor OS CVE: CVE-2026-2624 impor...

9.8CVSS5.8AI score0.02194EPSS
Exploits2
EUVD
EUVD
added 2026/05/13 9:32 p.m.11 views

EUVD-2026-30107

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security ri...

8.6CVSS5.9AI score0.01336EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 7:17 p.m.23 views

CVE-2026-0262

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic. Panorama and Cloud NGFW are not impacted by these vulnerabilities...

8.7CVSS0.00338EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 7:17 p.m.14 views

CVE-2026-0261

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security ri...

8.6CVSS0.01336EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 6:18 p.m.54 views

CVE-2026-0256 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

A stored cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama virtual an...

6.9CVSS0.0028EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 6:15 p.m.222 views

CVE-2026-0257

CVE-2026-0257 affects Palo Alto Networks PAN-OS GlobalProtect Portal and GlobalProtect Gateway (not Panorama/Cloud NGFW). The vulnerability is an authentication bypass (CWE-565) that can allow an unauthenticated attacker to bypass security restrictions and establish an unauthorized VPN connection...

9.1CVSS5.8AI score0.86678EPSS
In wildExploits11References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/13 6:15 p.m.74 views

CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues...

7.8CVSS5.8AI score0.86678EPSS
Exploits11References1
Cvelist
Cvelist
added 2026/05/13 6:15 p.m.105 views

CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues...

7.8CVSS0.86678EPSS
Exploits11References1
Cvelist
Cvelist
added 2026/05/13 5:49 p.m.33 views

CVE-2026-0262 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic. Panorama and Cloud NGFW are not impacted by these vulnerabilities...

8.7CVSS0.00338EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 5:38 p.m.8 views

CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled

An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service CAS is enabled. The risk is higher if CAS is enabled on the management interface and lower when...

9.2CVSS5.8AI score0.0044EPSS
Exploits3References1
ATTACKERKB
ATTACKERKB
added 2026/05/06 6:57 p.m.11 views

CVE-2026-0300

A buffer overflow vulnerability in the User-ID™ Authentication Portal aka Captive Portal service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. T...

9.3CVSS6.6AI score0.32074EPSS
Exploits6References2Affected Software1
Rows per page
Query Builder