11 matches found
CVE-2026-0284
An XML injection vulnerability in the Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data...
EUVD-2026-42678
An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...
EUVD-2026-42672
Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this...
CVE-2026-0287
CVE-2026-0287 describes multiple denial-of-service vulnerabilities in Palo Alto Networks PAN-OS, exploitable by unauthenticated network access to dataplane interfaces. Affected: PAN-OS versions including 10.2.x, 11.1.x, 11.2.x and 12.1.x. Impact: potential DoS with firewall entering maintenance m...
CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent
Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...
CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent
Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...
CVE-2026-0258
A server-side request forgery SSRF vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service DoS condition. Panorama, Cloud NGFW and...
CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues...
CVE-2026-0257
CVE-2026-0257 affects Palo Alto Networks PAN-OS GlobalProtect Portal and GlobalProtect Gateway (not Panorama/Cloud NGFW). The vulnerability is an authentication bypass (CWE-565) that can allow an unauthenticated attacker to bypass security restrictions and establish an unauthorized VPN connection...
CVE-2026-0262 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing
Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic. Panorama and Cloud NGFW are not impacted by these vulnerabilities...
CVE-2026-0262
Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic. Panorama and Cloud NGFW are not impacted by these vulnerabilities...