paloaltonetworks

348 tracked vulnerabilities.

CVE-2026-0287 HIGH
PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing
Jul 09, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-0286 HIGH
Palo Alto Networks Cloud Ngfw - Command Injection
Jul 09, 2026
CVSS 7.2
EPSS 0.01
CVE-2026-0285 MEDIUM
PAN-OS Management Web Interface - Authenticated Server-Side Request Forgery
Jul 09, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-0284 CRITICAL
PAN-OS LSVPN - Unauthenticated XML Injection
Jul 09, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-0283 HIGH
PAN-OS LSVPN - Authentication Bypass
Jul 09, 2026
CVSS 7.2
EPSS 0.01
CVE-2026-0282 MEDIUM
PAN-OS Management Web Interface - Unauthenticated File Deletion
Jul 09, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-0281 HIGH
Palo Alto Networks Cloud Ngfw - Information Disclosure
Jul 09, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-0280 HIGH
PAN-OS: IPv6 Firewall Policy Bypass
Jul 09, 2026
CVSS 7.2
EPSS 0.00
CVE-2026-0279 MEDIUM
Palo Alto Networks Cloud Ngfw - XSS
Jul 09, 2026
CVSS 6.1
EPSS 0.01
CVE-2026-0288 HIGH
PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent
Jul 08, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-45169 HIGH
Idira Privileged Access Manager (PAM) Self-Hosted Vault: Denial of Service due to Unexpected Input Processing
Jun 12, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-45170 HIGH
Idira Privilege Cloud Connector: Potential Security Bypass due to Incomplete TLS Certificate Validation
Jun 12, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-45174 HIGH
Idira Endpoint Privilege Manager Linux Agent: Potential bypass of Agent Daemon Initialization
Jun 11, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-45173 MEDIUM
Idira Identity Browser Extension: Unauthorized Application Interaction via Origin Validation Failure
Jun 11, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-45172 HIGH
Idira Privileged Session Manager for SSH (PSMP): Arbitrary Command Execution via Improper Neutralization of Special Elements used in an OS Command
Jun 11, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-45171 HIGH
Idira Privileged Session Manager (PSM): Potential Code Execution due to an Incomplete Input Validation
Jun 11, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-45175 HIGH
Idira Endpoint Privilege Manager Agent: Security Control and Cryptographic Validation Bypass in Internal Agent Validation Processes
Jun 11, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-45178 HIGH
Idira Secrets Manager Self-Hosted: Improper Access Control in Internal Cluster Endpoints
Jun 11, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-45177 CRITICAL
Idira Secrets Manager SaaS Edge: Authentication Bypass of an internal validation mechanism
Jun 11, 2026
CVSS 9.1
EPSS 0.01
CVE-2026-45176 HIGH
Idira Endpoint Privilege Manager Agent: Local Privilege Escalation via Internal Communication or File Operation Manipulation
Jun 11, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-0274 CRITICAL
Cortex XSOAR: Improper Validation of Credentials in CommvaultSecurityIQ integration
Jun 10, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-0273 HIGH
Palo Alto Networks Cloud Ngfw - Command Injection
Jun 10, 2026
CVSS 7.2
EPSS 0.01
CVE-2026-0272 HIGH
Palo Alto Networks Cloud Ngfw - Privilege Escalation
Jun 10, 2026
CVSS 7.2
EPSS 0.00
CVE-2026-0271 HIGH
Prisma Access Agent: Local Privilege Escalation by Authorized Users
Jun 10, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-0270 HIGH
Cortex XSOAR: Path Traversal Vulnerability
Jun 10, 2026
CVSS 7.5
EPSS 0.00