| 7.2 | CVE-2026-0234
Cortex XSOAR: Improper Verification of Cryptographic Signature in Microsoft Teams integration | Cortex XSIAM Microsoft Teams Marketplace 1.5.0 Cortex XSOAR Microsoft Teams Marketplace 1.5.0 | | | 2026-04-08 | 2026-04-08 |
| 6.1 | PAN-SA-2026-0004
Chromium: Monthly Vulnerability Update (April 2026) | | | | 2026-04-08 | 2026-04-08 |
| 5.2 | CVE-2026-0233
Autonomous Digital Experience Manager: Improper validation of ADEM certificate | Autonomous Digital Experience Manager 5.10.0 | | | 2026-04-08 | 2026-04-08 |
| 4 | CVE-2026-0232
Cortex XDR Agent: Local Administrator can disable the agent on Windows | Cortex XDR Agent 9.1 Cortex XDR Agent 9.0 Cortex XDR Agent 8.9 Cortex XDR Agent 8.7-CE Cortex XDR Agent 8.3-CE Cortex XDR Agent 7.9-CE | None on Windows < 9.0.1 without CU-2120 on Windows < 8.9.1 without CU-2120 on Windows < 8.7.101-CE without CU-2120 on Windows All without CU-2120 on Windows All without CU-2120 on Windows | All on Windows 9.0 with CU-2120, >= 9.0.1 on Windows 8.9 with CU-2120, >= 8.9.1 on Windows 8.7-CE with CU-2120, >= 8.7.101-CE on Windows All with CU-2120 on Windows All with CU-2120 on Windows | 2026-04-08 | 2026-04-08 |
| i | PAN-SA-2026-0005
Informational Bulletin: Precautionary Fixes for Non-Exploitable OSS CVEs in PAN-OS | | | | 2026-04-08 | 2026-04-08 |
| i | PAN-SA-2026-0006
Informational Bulletin: Impact assessment of OSS CVEs in PAN-OS | | | | 2026-04-08 | 2026-04-08 |
| 6.1 | PAN-SA-2026-0003
Chromium: Monthly Vulnerability Update (March 2026) | | | | 2026-03-11 | 2026-03-11 |
| 4 | CVE-2026-0230
Cortex XDR Agent: Local Administrator can disable the agent on macOS | Cortex XDR Agent 9.1 Cortex XDR Agent 9.0 Cortex XDR Agent 8.9 Cortex XDR Agent 8.7-CE Cortex XDR Agent 8.3-CE | None on macOS None on macOS None on macOS < 8.7.101-CE on macOS < 8.3.102-CE on macOS | All on macOS All on macOS All on macOS >= 8.7.101-CE on macOS >= 8.3.102-CE on macOS | 2026-03-11 | 2026-03-11 |
| 5.7 | CVE-2026-0231
Cortex XDR Broker VM: Sensitive Information Disclosure Vulnerability | Cortex XDR Broker VM 30.0.0 | | | 2026-03-11 | 2026-03-11 |
| 8.1 | PAN-SA-2026-0002
Chromium: Monthly Vulnerability Update (February 2026) | | | | 2026-02-11 | 2026-02-11 |
| 6.6 | CVE-2026-0229
PAN-OS: Denial of Service in Advanced DNS Security Feature | Cloud NGFW PAN-OS Firewall 12.1.0 PAN-OS Firewall 11.2.0 PAN-OS Firewall 11.1.0 PAN-OS Firewall 10.2.0 Panorama Prisma Access | None < 12.1.4 < 11.2.10 None None None None | All >= 12.1.4 >= 11.2.10 11.1.0 10.2.0 All All | 2026-02-11 | 2026-02-19 |
| 1.3 | CVE-2026-0228
PAN-OS: Improper Validation of Terminal Server Agent Certificate | Cloud NGFW PAN-OS 12.1 PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 Prisma Access | None None < 11.2.8 < 11.1.11 < 10.2.17 < 10.2.10-h28 on PAN-OS, < 11.2.7-h10 on PAN-OS | All All >= 11.2.8 >= 11.1.11 >= 10.2.17 >= 10.2.10-h28 on PAN-OS, >= 11.2.7-h10 on PAN-OS | 2026-02-11 | 2026-02-11 |
| 6.1 | PAN-SA-2026-0001
Chromium: Monthly Vulnerability Update (January 2026) | | | | 2026-01-14 | 2026-01-14 |
| 7.7 | CVE-2026-0227
PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal | Cloud NGFW PAN-OS 12.1 PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access 11.2 Prisma Access 10.2 | None < 12.1.3-h3, < 12.1.4 < 11.2.4-h15, < 11.2.7-h8, < 11.2.10-h2 < 11.1.4-h27, < 11.1.6-h23, < 11.1.10-h9, < 11.1.13 < 10.2.7-h32, < 10.2.10-h31, < 10.2.13-h18, < 10.2.16-h6, < 10.2.18-h1 < 10.1.14-h20 < 11.2.7-h8* < 10.2.4-h43*, < 10.2.10-h29* | All >= 12.1.3-h3, >= 12.1.4 >= 11.2.4-h15, >= 11.2.7-h8, >= 11.2.10-h2 >= 11.1.4-h27, >= 11.1.6-h23, >= 11.1.10-h9, >= 11.1.13 >= 10.2.7-h32, >= 10.2.10-h31, >= 10.2.13-h18, >= 10.2.16-h6, >= 10.2.18-h1 >= 10.1.14-h20 >= 11.2.7-h8* >= 10.2.4-h43*, >= 10.2.10-h29* | 2026-01-14 | 2026-02-09 |
| 6.1 | PAN-SA-2025-0018
Chromium and Prisma Browser: Monthly Vulnerability Update (November 2025) | | | | 2025-11-12 | 2025-11-12 |
| 6.6 | CVE-2025-4619
PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Packets | Cloud NGFW PAN-OS 12.1 PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None None < 11.2.2-h2, < 11.2.3-h6, < 11.2.4-h4, < 11.2.5 >= 11.1.2-h9, < 11.1.2-h18, >= 11.1.3-h2, >= 11.1.4-h4, < 11.1.4-h13, < 11.1.6-h1, < 11.1.7 >= 10.2.4-h25, >= 10.2.7-h11, < 10.2.7-h24, >= 10.2.8-h10, < 10.2.8-h21, >= 10.2.9-h6, < 10.2.9-h21, >= 10.2.10-h2, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3, < 10.2.14 None >= 10.2.4-h25 on PAN-OS, < 10.2.10-h14 on PAN-OS, < 11.2.4-h4 on PAN-OS | All All >= 11.2.2-h2, >= 11.2.3-h6, >= 11.2.4-h4, >= 11.2.5 < 11.1.2-h9, >= 11.1.2-h18, < 11.1.3-h2, < 11.1.4-h4, >= 11.1.4-h13, >= 11.1.6-h1, >= 11.1.7 < 10.2.4-h25, < 10.2.7-h11, >= 10.2.7-h24, < 10.2.8-h10, >= 10.2.8-h21, < 10.2.9-h6, >= 10.2.9-h21, < 10.2.10-h2, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3, >= 10.2.14 All < 10.2.4-h25 on PAN-OS, >= 10.2.10-h14 on PAN-OS, >= 11.2.4-h4 on PAN-OS | 2025-11-12 | 2025-11-12 |
| i | PAN-SA-2025-0017
Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION | | | | 2025-11-02 | 2025-11-03 |
| 6.1 | PAN-SA-2025-0016
Chromium: Monthly Vulnerability Update (October 2025) | | | | 2025-10-08 | 2025-10-08 |
| 5.4 | CVE-2025-4615
PAN-OS: Improper Neutralization of Input in the Management Web Interface | Cloud NGFW PAN-OS 12.1 PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 Prisma Access | None None < 11.2.8 < 11.1.4-h27, < 11.1.6-h21, < 11.1.10-h7 < 10.2.17 None | All All >= 11.2.8 >= 11.1.4-h27, >= 11.1.6-h21, >= 11.1.10-h7 >= 10.2.17 All | 2025-10-08 | 2026-04-01 |
| 1.1 | CVE-2025-4614
PAN-OS: Session Token Disclosure Vulnerability | Cloud NGFW PAN-OS 12.1 PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 Prisma Access | None None < 11.2.8 < 11.1.6-h21 < 10.2.17 None | All All >= 11.2.8 >= 11.1.6-h21 >= 10.2.17 All | 2025-10-08 | 2025-10-08 |
| 6.1 | PAN-SA-2025-0015
Chromium: Monthly Vulnerability Update (September 2025) | | | | 2025-09-10 | 2025-09-10 |
| 4.2 | CVE-2025-4235
User-ID Credential Agent: Cleartext Exposure of Service Account password | User-ID Credential Agent 11.0.0 | >= 11.0.2-133 on Windows, < 11.0.3 on Windows | < 11.0.2-133 on Windows, >= 11.0.3 on Windows | 2025-09-10 | 2025-09-10 |
| 0.5 | CVE-2025-4234
Cortex XDR Microsoft 365 Defender Pack: Cleartext Exposure of Credentials | Cortex XDR Microsoft 365 Defender Pack 4.6.0 | | | 2025-09-10 | 2025-09-10 |
| 6.1 | PAN-SA-2025-0014
Chromium: Monthly Vulnerability Update (August 2025) | | | | 2025-08-13 | 2025-08-13 |
| 1.1 | CVE-2025-2180
Checkov by Prisma Cloud: Unsafe Deserialization of Terraform Files Allows Code Execution | Checkov by Prisma Cloud 3.2.0 | | | 2025-08-13 | 2025-08-13 |