Palo Alto Networks Security Advisories

Clear
version
severity
product
Clear
1 - 25 of 502
VersionsAffectedUnaffected
7.2CVE-2026-0234 Cortex XSOAR: Improper Verification of Cryptographic Signature in Microsoft Teams integration
Cortex XSIAM Microsoft Teams Marketplace 1.5.0
Cortex XSOAR Microsoft Teams Marketplace 1.5.0
< 1.5.52
< 1.5.52
>= 1.5.52
>= 1.5.52
2026-04-082026-04-08
6.1PAN-SA-2026-0004 Chromium: Monthly Vulnerability Update (April 2026)
Prisma Browser
< 145.16.12.110
>= 146.3.8.76
2026-04-082026-04-08
5.2CVE-2026-0233 Autonomous Digital Experience Manager: Improper validation of ADEM certificate
Autonomous Digital Experience Manager 5.10.0
< 5.10.14 on Windows
>= 5.10.14 on Windows
2026-04-082026-04-08
4CVE-2026-0232 Cortex XDR Agent: Local Administrator can disable the agent on Windows
Cortex XDR Agent 9.1
Cortex XDR Agent 9.0
Cortex XDR Agent 8.9
Cortex XDR Agent 8.7-CE
Cortex XDR Agent 8.3-CE
Cortex XDR Agent 7.9-CE
None on Windows
< 9.0.1 without CU-2120 on Windows
< 8.9.1 without CU-2120 on Windows
< 8.7.101-CE without CU-2120 on Windows
All without CU-2120 on Windows
All without CU-2120 on Windows
All on Windows
9.0 with CU-2120, >= 9.0.1 on Windows
8.9 with CU-2120, >= 8.9.1 on Windows
8.7-CE with CU-2120, >= 8.7.101-CE on Windows
All with CU-2120 on Windows
All with CU-2120 on Windows
2026-04-082026-04-08
iPAN-SA-2026-0005 Informational Bulletin: Precautionary Fixes for Non-Exploitable OSS CVEs in PAN-OS
PAN-OS
None
All
2026-04-082026-04-08
iPAN-SA-2026-0006 Informational Bulletin: Impact assessment of OSS CVEs in PAN-OS
PAN-OS
None
All
2026-04-082026-04-08
6.1PAN-SA-2026-0003 Chromium: Monthly Vulnerability Update (March 2026)
Prisma Browser
< 145.7.9.76
>= 145.7.9.76
2026-03-112026-03-11
4CVE-2026-0230 Cortex XDR Agent: Local Administrator can disable the agent on macOS
Cortex XDR Agent 9.1
Cortex XDR Agent 9.0
Cortex XDR Agent 8.9
Cortex XDR Agent 8.7-CE
Cortex XDR Agent 8.3-CE
None on macOS
None on macOS
None on macOS
< 8.7.101-CE on macOS
< 8.3.102-CE on macOS
All on macOS
All on macOS
All on macOS
>= 8.7.101-CE on macOS
>= 8.3.102-CE on macOS
2026-03-112026-03-11
5.7CVE-2026-0231 Cortex XDR Broker VM: Sensitive Information Disclosure Vulnerability
Cortex XDR Broker VM 30.0.0
< 30.0.49
>= 30.0.49
2026-03-112026-03-11
8.1PAN-SA-2026-0002 Chromium: Monthly Vulnerability Update (February 2026)
Prisma Browser
< 144.27.7.133
>= 144.27.7.133
2026-02-112026-02-11
6.6CVE-2026-0229 PAN-OS: Denial of Service in Advanced DNS Security Feature
Cloud NGFW
PAN-OS Firewall 12.1.0
PAN-OS Firewall 11.2.0
PAN-OS Firewall 11.1.0
PAN-OS Firewall 10.2.0
Panorama
Prisma Access
None
< 12.1.4
< 11.2.10
None
None
None
None
All
>= 12.1.4
>= 11.2.10
11.1.0
10.2.0
All
All
2026-02-112026-02-19
1.3CVE-2026-0228 PAN-OS: Improper Validation of Terminal Server Agent Certificate
Cloud NGFW
PAN-OS 12.1
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
Prisma Access
None
None
< 11.2.8
< 11.1.11
< 10.2.17
< 10.2.10-h28 on PAN-OS, < 11.2.7-h10 on PAN-OS
All
All
>= 11.2.8
>= 11.1.11
>= 10.2.17
>= 10.2.10-h28 on PAN-OS, >= 11.2.7-h10 on PAN-OS
2026-02-112026-02-11
7.7CVE-2026-0227 PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal
Cloud NGFW
PAN-OS 12.1
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access 11.2
Prisma Access 10.2
None
< 12.1.3-h3, < 12.1.4
< 11.2.4-h15, < 11.2.7-h8, < 11.2.10-h2
< 11.1.4-h27, < 11.1.6-h23, < 11.1.10-h9, < 11.1.13
< 10.2.7-h32, < 10.2.10-h31, < 10.2.13-h18, < 10.2.16-h6, < 10.2.18-h1
< 10.1.14-h20
< 11.2.7-h8*
< 10.2.4-h43*, < 10.2.10-h29*
All
>= 12.1.3-h3, >= 12.1.4
>= 11.2.4-h15, >= 11.2.7-h8, >= 11.2.10-h2
>= 11.1.4-h27, >= 11.1.6-h23, >= 11.1.10-h9, >= 11.1.13
>= 10.2.7-h32, >= 10.2.10-h31, >= 10.2.13-h18, >= 10.2.16-h6, >= 10.2.18-h1
>= 10.1.14-h20
>= 11.2.7-h8*
>= 10.2.4-h43*, >= 10.2.10-h29*
2026-01-142026-02-09
6.1PAN-SA-2026-0001 Chromium: Monthly Vulnerability Update (January 2026)
Prisma Browser
< 142.21.4.163
>= 143.37.2.193
2026-01-142026-01-14
6.6CVE-2025-4619 PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Packets
Cloud NGFW
PAN-OS 12.1
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
< 11.2.2-h2, < 11.2.3-h6, < 11.2.4-h4, < 11.2.5
>= 11.1.2-h9, < 11.1.2-h18, >= 11.1.3-h2, >= 11.1.4-h4, < 11.1.4-h13, < 11.1.6-h1, < 11.1.7
>= 10.2.4-h25, >= 10.2.7-h11, < 10.2.7-h24, >= 10.2.8-h10, < 10.2.8-h21, >= 10.2.9-h6, < 10.2.9-h21, >= 10.2.10-h2, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3, < 10.2.14
None
>= 10.2.4-h25 on PAN-OS, < 10.2.10-h14 on PAN-OS, < 11.2.4-h4 on PAN-OS
All
All
>= 11.2.2-h2, >= 11.2.3-h6, >= 11.2.4-h4, >= 11.2.5
< 11.1.2-h9, >= 11.1.2-h18, < 11.1.3-h2, < 11.1.4-h4, >= 11.1.4-h13, >= 11.1.6-h1, >= 11.1.7
< 10.2.4-h25, < 10.2.7-h11, >= 10.2.7-h24, < 10.2.8-h10, >= 10.2.8-h21, < 10.2.9-h6, >= 10.2.9-h21, < 10.2.10-h2, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3, >= 10.2.14
All
< 10.2.4-h25 on PAN-OS, >= 10.2.10-h14 on PAN-OS, >= 11.2.4-h4 on PAN-OS
2025-11-122025-11-12
6.1PAN-SA-2025-0018 Chromium and Prisma Browser: Monthly Vulnerability Update (November 2025)
Prisma Browser
< 142.15.2.60
>= 142.15.6.60
2025-11-122025-11-12
iPAN-SA-2025-0017 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION
Prisma SD-WAN ION
None
All
2025-11-022025-11-03
5.4CVE-2025-4615 PAN-OS: Improper Neutralization of Input in the Management Web Interface
Cloud NGFW
PAN-OS 12.1
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
Prisma Access
None
None
< 11.2.8
< 11.1.4-h27, < 11.1.6-h21, < 11.1.10-h7
< 10.2.17
None
All
All
>= 11.2.8
>= 11.1.4-h27, >= 11.1.6-h21, >= 11.1.10-h7
>= 10.2.17
All
2025-10-082026-04-01
1.1CVE-2025-4614 PAN-OS: Session Token Disclosure Vulnerability
Cloud NGFW
PAN-OS 12.1
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
Prisma Access
None
None
< 11.2.8
< 11.1.6-h21
< 10.2.17
None
All
All
>= 11.2.8
>= 11.1.6-h21
>= 10.2.17
All
2025-10-082025-10-08
6.1PAN-SA-2025-0016 Chromium: Monthly Vulnerability Update (October 2025)
Prisma Browser
< 139.18.2.139
>= 141.6.4.55
2025-10-082025-10-08
6.1PAN-SA-2025-0015 Chromium: Monthly Vulnerability Update (September 2025)
Prisma Browser
< 139.12.4.128
>= 139.12.4.128
2025-09-102025-09-10
0.5CVE-2025-4234 Cortex XDR Microsoft 365 Defender Pack: Cleartext Exposure of Credentials
Cortex XDR Microsoft 365 Defender Pack 4.6.0
< 4.6.5 on Windows
>= 4.6.5 on Windows
2025-09-102025-09-10
4.2CVE-2025-4235 User-ID Credential Agent: Cleartext Exposure of Service Account password
User-ID Credential Agent 11.0.0
>= 11.0.2-133 on Windows, < 11.0.3 on Windows
< 11.0.2-133 on Windows, >= 11.0.3 on Windows
2025-09-102025-09-10
4.5CVE-2025-2183 GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation
Global Protect UWP App
GlobalProtect App
GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
None
None on Android, None on iOS, None on macOS
< 6.3.3-h2 (6.3.3-c676) on Windows, < 6.3.3 on Linux
< 6.2.8-h3 (6.2.8-c263) on Windows, All on Linux
All on Windows, All on Linux
< 6.0.12 on Windows, All on Linux
All
All on Android, All on iOS, All on macOS
>= 6.3.3-h2 (6.3.3-c676) on Windows*, >= 6.3.3 on Linux
>= 6.2.8-h3 (6.2.8-c263) on Windows*, None on Linux
None on Windows, None on Linux
>= 6.0.12 on Windows*, None on Linux
2025-08-132025-08-13
6.1PAN-SA-2025-0014 Chromium: Monthly Vulnerability Update (August 2025)
Prisma Browser
< 138.53.6.158
>= 138.69.4.184
2025-08-132025-08-13
1 - 25 of 502 Download
Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2026 Palo Alto Networks, Inc. All rights reserved.