CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 4 days ago•5 views

EUVD-2026-36148

A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface CLI to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access i...

8.5CVSS5.5AI score0.00028EPSS

CVE•added 5 days ago•10 views

CVE-2026-0273

CVE-2026-0273 is a command injection vulnerability in Palo Alto Networks PAN-OS software that allows an authenticated administrator to bypass system restrictions and execute arbitrary commands as root. The issue affects PAN-OS on PA-Series and VM-Series firewalls and Panorama , with access requir...

8.6CVSS5.7AI score0.00255EPSS

Cvelist•added 5 days ago•26 views

CVE-2026-0273 PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI

8.6CVSS0.00255EPSS

Vulnrichment•added 5 days ago•7 views

CVE-2026-0273 PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI

8.6CVSS5.7AI score0.00255EPSS

Cvelist•added 5 days ago•26 views

CVE-2026-0266 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

A cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama virtual and...

4.8CVSS0.00033EPSS

Vulnrichment•added 5 days ago•4 views

CVE-2026-0266 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

4.8CVSS5.2AI score0.00033EPSS

Tenable Nessus•added 5 days ago•3 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows an authenticated administrator with...

8.5CVSS5.4AI score0.00028EPSS

RedhatCVE•added 2026/06/05 7:25 p.m.•6 views

CVE-2026-0256

A stored cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama virtual an...

6.9CVSS5.2AI score0.00062EPSS

RedhatCVE•added 2026/05/14 7:58 p.m.•6 views

CVE-2026-0265

An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service CAS is enabled. The risk is higher if CAS is enabled on the management interface and lower when...

Rapid7 Blog•added 2026/05/14 7:15 p.m.•7 views

Exploits3References1

CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS

Overview On May 13, 2026, Palo Alto Networks published a security advisory for CVE-2026-0265, a signature verification vulnerability that facilitates authentication bypass on PAN-OS, the operating system that most Palo Alto Networks firewalls run. This vulnerability allows a remote unauthenticate...

NVD•added 2026/05/13 7:17 p.m.•5 views

Exploits3

CVE-2026-0261

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security ri...

8.6CVSS0.0011EPSS

NVD•added 2026/05/13 7:17 p.m.•3 views

CVE-2026-0256

6.9CVSS0.00062EPSS

Cvelist•added 2026/05/13 6:18 p.m.•37 views

CVE-2026-0256 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

6.9CVSS0.00062EPSS

Vulnrichment•added 2026/05/13 6:18 p.m.•3 views

CVE-2026-0256 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

6.9CVSS5.7AI score0.00062EPSS

CVE•added 2026/05/13 6:18 p.m.•16 views

CVE-2026-0256

CVE-2026-0256 describes a stored cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software that allows a malicious authenticated administrator to store a JavaScript payload via the web interface. Affected products include PAN-OS on PA-Series and VM-Series firewalls and Panora...

6.9CVSS5.7AI score0.00062EPSS

Cvelist•added 2026/05/13 5:38 p.m.•35 views

CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled

9.2CVSS0.0006EPSS

Exploits3References1

ATTACKERKB•added 2026/05/13 5:38 p.m.•5 views

CVE-2026-0265

Exploits3References2Affected Software1

CVE•added 2026/05/13 5:38 p.m.•28 views

CVE-2026-0265

PAN-OS contains an authentication bypass vulnerability (CVE-2026-0265) when Cloud Authentication Service (CAS) is enabled. An unauthenticated attacker with network access can bypass authentication controls on affected PAN-OS platforms, including PA-Series/VM-Series firewalls and Panorama (virtual...

Vulnrichment•added 2026/05/13 5:38 p.m.•5 views

Exploits3References2

CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled