CVE-2026-0249

Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enables an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subn...

Palo Alto Networks GlobalProtect app 信任管理问题漏洞

The Palo Alto Networks GlobalProtect app is a network protection software developed by Palo Alto Networks. The GlobalProtect app has a trust management vulnerability caused by improper certificate verification. This vulnerability allows attackers to intercept encrypted communications and...

Palo Alto GlobalProtect App Windows 6.x < 6.2.8-h3 / 6.3.x < 6.3.3-h2 Improper Certificate Validation (CVE-2025-2183)

The version of Palo Alto GlobalProtect App installed on the remote Windows host is 6.x prior to 6.2.8-h3 or 6.3.x prior to 6.3.3-h2. It is, therefore, affected by an improper certificate validation vulnerability: - An insufficient certificate validation issue in the Palo Alto Networks GlobalProte...

CVE-2025-2183

An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root...

mailcow Security Vulnerabilities

mailcow is a mail server suite. A security vulnerability exists in previous versions of mailcow 2024-01c that stems from allowing an attacker on the same subnet to connect to a public port of a Docker container...