Palo Alto Networks Security Advisories

1 - 25 of 527
Versions | Affected | Unaffected
7.2 CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled
Cloud NGFW | None | All
PAN-OS 12.1 | < 12.1.4-h5, < 12.1.7 | >= 12.1.4-h5, >= 12.1.7 (ETA: 05/28)
PAN-OS 11.2 | < 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12 | >= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h13, >= 11.2.10-h6, >= 11.2.12 (ETA: 05/28)
PAN-OS 11.1 | < 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15 | >= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
PAN-OS 10.2 | < 10.2.7-h34, < 10.2.10-h36, < 10.2.13-h21, < 10.2.16-h7, < 10.2.18-h6 | >= 10.2.7-h34 (ETA: 05/28), >= 10.2.10-h36, >= 10.2.13-h21 (ETA: 05/28), >= 10.2.16-h7 (ETA: 05/28), >= 10.2.18-h6
Prisma Access | None | All
2026-05-13 2026-05-13
7.2 CVE-2026-0264 PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution
Cloud NGFW | None on AWS, None on Azure unless you have been contacted by Palo Alto Networks | All on AWS, All on Azure unless you have been contacted by Palo Alto Networks
PAN-OS 12.1 | < 12.1.4-h5, < 12.1.7 | >= 12.1.4-h5, >= 12.1.7 (ETA: 05/28)
PAN-OS 11.2 | < 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12 | >= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h13, >= 11.2.10-h6, >= 11.2.12 (ETA: 05/28)
PAN-OS 11.1 | < 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15 | >= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
PAN-OS 10.2 | < 10.2.7-h34, < 10.2.10-h36, < 10.2.13-h21, < 10.2.16-h7, < 10.2.18-h6 | >= 10.2.7-h34 (ETA: 05/28), >= 10.2.10-h36, >= 10.2.13-h21 (ETA: 05/28), >= 10.2.16-h7 (ETA: 05/28), >= 10.2.18-h6
Prisma Access | None | All
2026-05-13 2026-05-13
7.2 CVE-2026-0263 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing
Cloud NGFW | None | All
PAN-OS 12.1 | < 12.1.4-h5, < 12.1.7 | >= 12.1.4-h5, >= 12.1.7 (ETA: 05/28)
PAN-OS 11.2 | < 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12 | >= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h13, >= 11.2.10-h6, >= 11.2.12 (ETA: 05/28)
PAN-OS 11.1 | < 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15 | >= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
PAN-OS 10.2 | None | All
Prisma Access | None | All
2026-05-13 2026-05-13
6.6 CVE-2026-0262 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing
Cloud NGFW | None on Azure/AWS unless you have been contacted by Palo Alto Networks | All on Azure/AWS unless you have been contacted by Palo Alto Networks
PAN-OS 12.1 | < 12.1.4-h5, < 12.1.7 | >= 12.1.4-h5, >= 12.1.7 (ETA: 05/28)
PAN-OS 11.2 | < 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12 | >= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h13, >= 11.2.10-h6, >= 11.2.12 (ETA: 05/28)
PAN-OS 11.1 | < 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15 | >= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
PAN-OS 10.2 | < 10.2.7-h34, < 10.2.10-h36, < 10.2.13-h21, < 10.2.16-h7, < 10.2.18-h6 | >= 10.2.7-h34 (ETA: 05/28), >= 10.2.10-h36, >= 10.2.13-h21 (ETA: 05/28), >= 10.2.16-h7 (ETA: 05/28), >= 10.2.18-h6
Prisma Access 11.2.0 | < 11.2.7-h13* | >= 11.2.7-h13*
Prisma Access 10.2.0 | < 10.2.10-h36* | >= 10.2.10-h36*
2026-05-13 2026-05-13
6.1 CVE-2026-0261 PAN-OS: Authenticated Admin Command Injection Vulnerability
Cloud NGFW | None | All
PAN-OS 12.1 | < 12.1.4-h5, < 12.1.7 | >= 12.1.4-h5, >= 12.1.7 (ETA: 05/28)
PAN-OS 11.2 | < 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12 | >= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h13, >= 11.2.10-h6, >= 11.2.12 (ETA: 05/28)
PAN-OS 11.1 | < 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15 | >= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
PAN-OS 10.2 | < 10.2.7-h34, < 10.2.10-h36, < 10.2.13-h21, < 10.2.16-h7, < 10.2.18-h6 | >= 10.2.7-h34 (ETA: 05/28), >= 10.2.10-h36, >= 10.2.13-h21 (ETA: 05/28), >= 10.2.16-h7 (ETA: 05/28), >= 10.2.18-h6
Prisma Access | None | All
2026-05-13 2026-05-13
5 CVE-2026-0259 WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)
WildFire WF-500 and WF-500-B 12.1.0 | < 12.1.4-h5, < 12.1.7 | >= 12.1.4-h5, >= 12.1.7 (ETA: 05/28)
WildFire WF-500 and WF-500-B 11.2.0 | < 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12 | >= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h13, >= 11.2.10-h6, >= 11.2.12 (ETA: 05/28)
WildFire WF-500 and WF-500-B 11.1.0 | < 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15 | >= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
WildFire WF-500 and WF-500-B 10.2.0 | < 10.2.7-h34, < 10.2.10-h36, < 10.2.13-h21, < 10.2.16-h7, < 10.2.18-h6 | >= 10.2.7-h34 (ETA: 05/28), >= 10.2.10-h36, >= 10.2.13-h21 (ETA: 05/28), >= 10.2.16-h7 (ETA: 05/28), >= 10.2.18-h6
2026-05-13 2026-05-13
4.8 CVE-2026-0258 PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching
Cloud NGFW | None | All
PAN-OS 12.1 | < 12.1.4-h5, < 12.1.7 | >= 12.1.4-h5, >= 12.1.7 (ETA: 05/28)
PAN-OS 11.2 | < 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12 | >= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h13, >= 11.2.10-h6, >= 11.2.12 (ETA: 05/28)
PAN-OS 11.1 | < 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15 | >= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
PAN-OS 10.2 | < 10.2.7-h34, < 10.2.10-h36, < 10.2.13-h21, < 10.2.16-h7, < 10.2.18-h6 | >= 10.2.7-h34 (ETA: 05/28), >= 10.2.10-h36, >= 10.2.13-h21 (ETA: 05/28), >= 10.2.16-h7 (ETA: 05/28), >= 10.2.18-h6
Prisma Access | None | All
2026-05-13 2026-05-13
4.7 CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
Cloud NGFW | None | All
PAN-OS 12.1 | < 12.1.4-h6, < 12.1.7 | >= 12.1.4-h6 (ETA: 05/18), >= 12.1.7 (ETA: 05/28)
PAN-OS 11.2 | < 11.2.4-h17, < 11.2.7-h14, < 11.2.10-h7, < 11.2.12 | >= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h14 (ETA: 05/14), >= 11.2.10-h7 (ETA: 05/14), >= 11.2.12 (ETA: 05/28)
PAN-OS 11.1 | < 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15 | >= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
PAN-OS 10.2 | < 10.2.7-h34, < 10.2.10-h36, < 10.2.13-h21, < 10.2.16-h7, < 10.2.18-h6 | >= 10.2.7-h34 (ETA: 05/28), >= 10.2.10-h36, >= 10.2.13-h21 (ETA: 05/28), >= 10.2.16-h7 (ETA: 05/28), >= 10.2.18-h6
Prisma Access 11.2.0 | < 11.2.7-h13* | >= 11.2.7-h13*
Prisma Access 10.2.0 | < 10.2.10-h36* | >= 10.2.10-h36*
2026-05-13 2026-05-13
4.4 CVE-2026-0256 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
Cloud NGFW | None | All
PAN-OS 12.1 | < 12.1.4-h5, < 12.1.7 | >= 12.1.4-h5, >= 12.1.7 (ETA: 05/28)
PAN-OS 11.2 | < 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12 | >= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h13, >= 11.2.10-h6, >= 11.2.12 (ETA: 05/28)
PAN-OS 11.1 | < 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15 | >= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
PAN-OS 10.2 | < 10.2.7-h34, < 10.2.10-h36, < 10.2.13-h21, < 10.2.16-h7, < 10.2.18-h6 | >= 10.2.7-h34 (ETA: 05/28), >= 10.2.10-h36, >= 10.2.13-h21 (ETA: 05/28), >= 10.2.16-h7 (ETA: 05/28), >= 10.2.18-h6
Prisma Access | None | All
2026-05-13 2026-05-13
5.9 CVE-2026-0251 GlobalProtect App: Local Privilege Escalation Vulnerabilities
Global Protect App | None on Android, None on ChromeOS, None on iOS, None on UWP | All on Android, All on ChromeOS, All on iOS, All on UWP
GlobalProtect App 6.3 | < 6.3.3-h9 (6.3.3-999) on Windows, < 6.3.3-h9 (6.3.3-999) on macOS, < 6.3.3-h2 (6.3.3-42) on Linux | >= 6.3.3-h9 (6.3.3-999) on Windows, >= 6.3.3-h9 (6.3.3-999) on macOS, >= 6.3.3-h2 (6.3.3-42) on Linux
GlobalProtect App 6.2 | < 6.2.8-h10 (6.2.8-948) on Windows, < 6.2.8-h10 (6.2.8-948) on macOS | >= 6.2.8-h10 (6.2.8-948) on Windows, >= 6.2.8-h10 (6.2.8-948) on macOS
GlobalProtect App 6.0 | < 6.0.13 on Windows, < 6.0.13 on macOS, < 6.0.11 on Linux | >= 6.0.13 on Windows, >= 6.0.13 on macOS, >= 6.0.11 on Linux (ETA: 06/04)
2026-05-13 2026-05-13
5.2 CVE-2026-0250 GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway
GlobalProtect App | None on iOS | All on iOS
GlobalProtect App 6.3 | < 6.3.3-h9 (6.3.3-999) on Windows, < 6.3.3-h9 (6.3.3-999) on macOS, < 6.3.3-h2 (6.3.3-42) on Linux | >= 6.3.3-h9 (6.3.3-999) on Windows, >= 6.3.3-h9 (6.3.3-999) on macOS, >= 6.3.3-h2 (6.3.3-42) on Linux
GlobalProtect App 6.2 | < 6.2.8-h10 (6.2.8-948) on Windows, < 6.2.8-h10 (6.2.8-948) on macOS | >= 6.2.8-h10 (6.2.8-948) on Windows, >= 6.2.8-h10 (6.2.8-948) on macOS
GlobalProtect App 6.1 | < 6.1.13 on Android, < 6.1.13 on ChromeOS | >= 6.1.13 on Android, >= 6.1.13 on ChromeOS
GlobalProtect App 6.0 | < 6.0.11 on Linux, < 6.0.13 on Windows, < 6.0.13 on macOS, < 6.0.14 on Android, < 6.0.14 on ChromeOS | >= 6.0.11 on Linux (ETA: 06/04), >= 6.0.13 on Windows, >= 6.0.13 on macOS, >= 6.0.14 on Android (ETA: 05/20), >= 6.0.14 on ChromeOS (ETA: 05/20)
GlobalProtect UWP App 6.3 | < 6.3.3-h10 on Windows | >= 6.3.3-h10 on Windows (ETA: 06/04)
2026-05-13 2026-05-13
4.9 CVE-2026-0249 GlobalProtect App: Certificate Validation Bypass Vulnerabilities
GlobalProtect App | None on Windows, None on Linux, None on iOS, None on Windows UWP | All on Windows, All on Linux, All on iOS, All on Windows UWP
GlobalProtect App 6.3 | < 6.3.3-h9 (6.3.3-999) on macOS | >= 6.3.3-h9 (6.3.3-999) on macOS
GlobalProtect App 6.2 | < 6.2.8-h10 (6.2.8-948) on macOS | >= 6.2.8-h10 (6.2.8-948) on macOS
GlobalProtect App 6.1 | < 6.1.13 on Android, < 6.1.13 on ChromeOS | >= 6.1.13 on Android, >= 6.1.13 on ChromeOS
GlobalProtect App 6.0 | < 6.0.14 on Android, < 6.0.14 on ChromeOS, < 6.0.13 on macOS | >= 6.0.14 on Android (ETA: 05/20), >= 6.0.14 on ChromeOS (ETA: 05/20), >= 6.0.13 on macOS
2026-05-13 2026-05-13
6.2 CVE-2026-0248 Prisma Access Agent: Improper Certificate Validation Vulnerability
Prisma Access Agent | None on iOS, None on Linux, None on macOS, None on Windows | All on iOS, All on Linux, All on macOS, All on Windows
Prisma Access Agent | < 26.2.1 on Android, < 26.2.1 on Chrome OS | >= 26.2.1 on Android, >= 26.2.1 on Chrome OS
2026-05-13 2026-05-13
5.9 CVE-2026-0247 Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities
Prisma Access Agent (Endpoint DLP) | < 26.2.1 on macOS, < 26.2.1 on Windows | >= 26.2.1 on macOS, >= 26.2.1 on Windows
2026-05-13 2026-05-13
5.9 CVE-2026-0246 Prisma Access Agent: Local Privilege Escalation Vulnerability
Prisma Access Agent | None on Android, None on ChromeOS, None on iOS | All on Android, All on ChromeOS, All on iOS
Prisma Access Agent | < 26.2.1 on Linux, < 26.2.1 on macOS, < 26.2.1 on Windows | >= 26.2.1 on Linux (ETA: 06/04), >= 26.2.1 on macOS, >= 26.2.1 on Windows
2026-05-13 2026-05-13
4.3 CVE-2026-0245 Prisma Access Agent: Information Disclosure Vulnerabilities
Prisma Access Agent | None on Linux, None on Android, None on ChromeOS, None on iOS | All on Linux, All on Android, All on ChromeOS, All on iOS
Prisma Access Agent | < 26.2.1 on macOS, < 26.2.1 on Windows | >= 26.2.1 on macOS, >= 26.2.1 on Windows
2026-05-13 2026-05-13
5.2 CVE-2026-0244 Prisma SD-WAN: Improper Certificate Validation Vulnerability
Prisma SD-WAN ION 6.5 | < 6.5.3-b15 | >= 6.5.3-b15
Prisma SD-WAN ION 6.4 | < 6.4.3-b8 | >= 6.4.3-b8
Prisma SD-WAN ION 6.3 | < 6.3.6-b10 | >= 6.3.6-b10
Prisma SD-WAN ION 6.1 | None | All
Prisma SD-WAN ION 5.6 | None | All
2026-05-13 2026-05-13
4.9 CVE-2026-0243 Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through IPv6 Crafted Packet
Prisma SD-WAN ION 6.5 | < 6.5.3-b15 | >= 6.5.3-b15
Prisma SD-WAN ION 6.4 | < 6.4.3-b8 | >= 6.4.3-b8
Prisma SD-WAN ION 6.3 | < 6.3.6-b10 | >= 6.3.6-b10
Prisma SD-WAN ION 6.1 | None | All
Prisma SD-WAN ION 5.6 | None | All
2026-05-13 2026-05-13
6.1 CVE-2026-0242 Trust Protection Foundation: SQL Injection Vulnerability
Trust Protection Foundation 25.3.0 | < 25.3.3 | >= 25.3.3
Trust Protection Foundation 25.1.0 | < 25.1.8 | >= 25.1.8
Trust Protection Foundation 24.3.0 | < 24.3.6 | >= 24.3.6
Trust Protection Foundation 24.1.0 | < 24.1.13 | >= 24.1.13
2026-05-13 2026-05-13
5.1 CVE-2026-0241 Trust Protection Foundation: Multiple Authorization Bypass Vulnerabilities
Trust Protection Foundation 25.3.0 | < 25.3.3 | >= 25.3.3
Trust Protection Foundation 25.1.0 | < 25.1.8 | >= 25.1.8
Trust Protection Foundation 24.3.0 | < 24.3.6 | >= 24.3.6
Trust Protection Foundation 24.1.0 | < 24.1.13 | >= 24.1.13
2026-05-13 2026-05-13
4.5 CVE-2026-0240 Trust Protection Foundation: Sensitive Information Disclosure Vulnerability
Trust Protection Foundation 25.3.0 | < 25.3.3 | >= 25.3.3
Trust Protection Foundation 25.1.0 | < 25.1.8 | >= 25.1.8
Trust Protection Foundation 24.3.0 | < 24.3.6 | >= 24.3.6
Trust Protection Foundation 24.1.0 | < 24.1.13 | >= 24.1.13
2026-05-13 2026-05-13
4.9 CVE-2026-0239 Chronosphere Chronocollector Information Disclosure Vulnerability
Chronosphere Chronocollector | < v0.116.0 | >= v0.116.0
2026-05-13 2026-05-13
1.1 CVE-2026-0238 Broker VM: Improper Input Validation in Broker VM Certificate and Key Fields
Broker VM 30.0 | < 30.0.24 | >= 30.0.24
2026-05-13 2026-05-13
6.1 PAN-SA-2026-0007 Chromium and Prisma Browser: Monthly Vulnerability Update (May 2026)
Prisma Browser | < 146.10.7.154 | >= 148.6.3.96
2026-05-13 2026-05-13
9.3 CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal
Cloud NGFW | None | All
PAN-OS 12.1 | < 12.1.4-h5, < 12.1.7 | >= 12.1.4-h5, >= 12.1.7 (ETA: 05/28)
PAN-OS 11.2 | < 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12 | >= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h13, >= 11.2.10-h6, >= 11.2.12 (ETA: 05/28)
PAN-OS 11.1 | < 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15 | >= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
PAN-OS 10.2 | < 10.2.7-h34, < 10.2.10-h36, < 10.2.13-h21, < 10.2.16-h7, < 10.2.18-h6 | >= 10.2.7-h34 (ETA: 05/28), >= 10.2.10-h36, >= 10.2.13-h21 (ETA: 05/28), >= 10.2.16-h7 (ETA: 05/28), >= 10.2.18-h6
Prisma Access | None | All
2026-05-05 2026-05-13