Security advisories
Report vulnerabilities
Bug Bounty
Get support
Subscribe
RSS feed
Login
Palo Alto Networks Security Advisories
Clear
Options
version
severity
CRITICAL
HIGH
MEDIUM
LOW
NONE
product
ActiveMQ Content Pack
1
AutoFocus
6
Autonomous Digital Experience Manager
1
Bridgecrew
7
Bridgecrew Checkov
2
Checkov by Prisma Cloud
2
Cloud NGFW
91
Compute in Prisma Cloud Enterprise Edition
1
Cortex Data Lake
7
Cortex XDR
9
Cortex XDR Agent
62
Cortex XDR Broker VM
7
Cortex XDR Microsoft 365 Defender Pack
1
Cortex XSIAM
1
Cortex XSOAR
26
Cortex XSOAR CommonScripts
1
Cortex XSOAR Kafka Integration
1
Cortex XSOAR PowerShell Image
1
Cortex Xpanse
7
Demisto
1
Enterprise Data Loss Prevention
7
Exact Data Matching CLI
7
Expanse
6
Expedition
11
Expedition Migration Tool
6
Global Protect UWP App
1
GlobalProtect App
91
GlobalProtect UWP App
8
IoT Security
7
MetaDefender Endpoint Security SDK
1
MineMeld
1
NetConnect
1
Okyo Garde
7
PAN-DB Private Cloud
1
PAN-OS
335
PAN-OS OpenConfig Plugin
1
Palo Alto Networks App for Splunk
6
Panorama
2
Prisma Access
105
Prisma Access Browser
15
Prisma Browser
1
Prisma Cloud
12
Prisma Cloud Compute
16
Prisma Cloud Compute Edition
1
Prisma SD-WAN
2
Prisma SD-WAN (CloudGenix)
9
Prisma SD-WAN ION
12
SaaS Security
7
Secdo
3
Terminal Server Agent
4
Traps
3
Traps ESM Console
2
Traps ESM Core
1
Twistlock Console
1
Update server
1
User-ID Agent
10
User-ID Credential Agent
1
VM-Series Plugin
1
WildFire Appliance (WF-500)
10
WildFire Cloud
9
Zingbox Inspector
11
Clear
Found 4
Newest
Updated
Severe
Earliest published
Earliest updated
Least Severe
Sort ID ↑
Sort ID ↓
CVSS
Summary
Versions
Affected
Unaffected
Published
Updated
1.1
CVE-2025-4614 PAN-OS: Session Token Disclosure Vulnerability
Cloud NGFW
PAN-OS 12.1
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
Prisma Access
None
None
< 11.2.8
< 11.1.10-h7
< 10.2.17
None
All
All
>= 11.2.8
>= 11.1.10-h7
>= 10.2.17
All
2025-10-08
2025-10-08
4.5
CVE-2025-4615 PAN-OS: Improper Neutralization of Input in the Management Web Interface
Cloud NGFW
PAN-OS 12.1
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
Prisma Access
None
None
< 11.2.8
< 11.1.10-h7
< 10.2.17
None
All
All
>= 11.2.8
>= 11.1.10-h7
>= 10.2.17
All
2025-10-08
2025-10-08
2.3
CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.7
< 11.1.10
< 10.2.16-h1, < 10.2.17
< 10.1.14-h16
None
All
>= 11.2.7
>= 11.1.10
>= 10.2.16-h1, >= 10.2.17 [ETA: Aug 2025]
>= 10.1.14-h16
All
2025-06-11
2025-06-30
2
CVE-2025-0133 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
All
< 11.2.4-h9, < 11.2.7
< 11.1.6-h14, < 11.1.10-h1
< 10.2.16-h1
All
All
None (See Mitigations and Workarounds)
>= 11.2.4-h9, >= 11.2.7
>= 11.1.6-h14, >= 11.1.10-h1
>= 10.2.16-h1
None
None (See Mitigations and Workarounds)
2025-05-14
2025-07-09
Download
© 2025 Palo Alto Networks, Inc. All rights reserved.