{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: CVE-2026-0259","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-05-13T21:55:48.152Z","generator":{"date":"2026-05-13T21:55:48.152Z","engine":{"name":"Vulnogram","version":"0.1.0-dev"}},"id":"CVE-2026-0259","initial_release_date":"2026-05-13T16:00:00.000Z","revision_history":[{"number":"1","date":"2026-05-13T09:00:00.000Z","summary":"Initial publication."}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[{"name":"WildFire WF-500 and WF-500-B","category":"product_name","branches":[{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B<12.1.7","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-1"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=12.1.7","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-1"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=12.1.4-h5","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-2"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B<11.2.12","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-3"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=11.2.12","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-3"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=11.2.10-h6","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-4"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=11.2.7-h13","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-5"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=11.2.4-h17","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-6"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B<11.1.15","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-7"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=11.1.15","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-7"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=11.1.13-h5","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-8"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=11.1.10-h25","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-9"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=11.1.7-h6","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-10"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=11.1.6-h32","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-11"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=11.1.4-h33","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-12"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B<10.2.7-h34","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-13"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=10.2.18-h6","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-14"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=10.2.16-h7","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-15"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=10.2.13-h21","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-16"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=10.2.10-h36","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-17"}},{"category":"product_version_range","name":"vers:generic/WildFire WF-500 and WF-500-B>=10.2.7-h34","product":{"name":"Palo Alto Networks WildFire WF-500 and WF-500-B","product_id":"PANW-WildFire-WF-500-and-WF-500-B-13"}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-0259","product_status":{"fixed":["PANW-WildFire-WF-500-and-WF-500-B-1","PANW-WildFire-WF-500-and-WF-500-B-2","PANW-WildFire-WF-500-and-WF-500-B-3","PANW-WildFire-WF-500-and-WF-500-B-4","PANW-WildFire-WF-500-and-WF-500-B-5","PANW-WildFire-WF-500-and-WF-500-B-6","PANW-WildFire-WF-500-and-WF-500-B-7","PANW-WildFire-WF-500-and-WF-500-B-8","PANW-WildFire-WF-500-and-WF-500-B-9","PANW-WildFire-WF-500-and-WF-500-B-10","PANW-WildFire-WF-500-and-WF-500-B-11","PANW-WildFire-WF-500-and-WF-500-B-12","PANW-WildFire-WF-500-and-WF-500-B-14","PANW-WildFire-WF-500-and-WF-500-B-15","PANW-WildFire-WF-500-and-WF-500-B-16","PANW-WildFire-WF-500-and-WF-500-B-17","PANW-WildFire-WF-500-and-WF-500-B-13"],"known_affected":["PANW-WildFire-WF-500-and-WF-500-B-1","PANW-WildFire-WF-500-and-WF-500-B-3","PANW-WildFire-WF-500-and-WF-500-B-7","PANW-WildFire-WF-500-and-WF-500-B-13"]},"notes":[{"category":"description","text":"An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\n\nThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\n\nPlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.\n"}],"references":[{"category":"external","summary":"NVD - CVE-2026-0259","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-0259"},{"category":"self","summary":"Palo Alto Networks Security Advisory CVE-2026-0259","url":"https://security.paloaltonetworks.com/CVE-2026-0259"}],"threats":[{"category":"impact","description":"An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\n\nThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\n\nPlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.\n"}],"scores":[{"cvss_v4":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":7.1,"threatSeverity":"MEDIUM","threatScore":5,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber"},"products":["PANW-WildFire-WF-500-and-WF-500-B-1","PANW-WildFire-WF-500-and-WF-500-B-3","PANW-WildFire-WF-500-and-WF-500-B-7","PANW-WildFire-WF-500-and-WF-500-B-13"]}]}]}