CVE-2026-0242
Description
A SQL injection vulnerability in Trust Protection Foundation allows an authenticated attacker to execute arbitrary SQL commands against the product database. Successful exploitation could allow an attacker to read sensitive data, modify database contents, and escalate privileges to gain full administrative control of the platform.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authenticated SQL injection in Trust Protection Foundation allows attackers to execute arbitrary SQL, read/modify database, and gain admin control.
Vulnerability Overview
CVE-2026-0242 is a SQL injection vulnerability in Trust Protection Foundation, an endpoint security platform from Palo Alto Networks. The flaw, identified as CWE-89, allows an authenticated attacker to inject arbitrary SQL commands into the product database. The vulnerability was discovered internally and reported publicly on May 13, 2026 [1].
Exploitation Conditions
An attacker must be authenticated to the Trust Protection Foundation platform and have adjacent network access (CVSS attack vector: ADJACENT). No user interaction is required, and the attack complexity is low. The vulnerability is automatable, meaning an attacker can exploit it repeatedly without manual intervention [1].
Impact
Successful exploitation enables the attacker to read sensitive data, modify database contents, and potentially escalate privileges to full administrative control of the platform. The CVSSv4 base score is 8.6 (High), reflecting impact on the vulnerable system; impacts on subsequent systems are limited to low confidentiality and integrity [1].
Mitigation
Palo Alto Networks has released fixed versions: Trust Protection Foundation 25.3.3, 25.1.8, 24.3.6, and 24.1.13. Users should upgrade to these or later versions. No workarounds are available, and no malicious exploitation has been reported as of the advisory date [1].
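An added example, not from the advisory or the vendor: a triage helper that compares installed version strings against the fixed releases listed above. It assumes each fixed release applies only to its own major.minor train and that versions are reported as major.minor.patch with an optional build suffix; the host names and versions in the sample inventory are constructed.

```python
import re

# Fixed releases named in the advisory text, keyed by release train (major, minor).
# Assumption: a fix covers only its own train; other trains need a manual check.
FIXED = {
    (25, 3): (25, 3, 3),
    (25, 1): (25, 1, 8),
    (24, 3): (24, 3, 6),
    (24, 1): (24, 1, 13),
}

def parse_version(text):
    """Return (major, minor, patch) or None; a build or hotfix suffix is ignored."""
    m = re.fullmatch(r"\s*v?(\d+)\.(\d+)\.(\d+)(?:[.\-+].*)?\s*", text)
    return tuple(int(p) for p in m.groups()) if m else None

def triage(version_text):
    """Classify one installed version against the fixed release of its train."""
    version = parse_version(version_text)
    if version is None:
        return "unparseable"
    fixed = FIXED.get(version[:2])
    if fixed is None:
        # Train not named in the advisory text: do not guess, check the advisory.
        return "unlisted-train"
    # Tuple comparison is numeric, so 24.1.9 sorts below 24.1.13.
    return "fixed" if version >= fixed else "upgrade-required"

def triage_inventory(inventory):
    """Map each host to its triage status."""
    return {host: triage(ver) for host, ver in inventory.items()}

# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = {
    "tpf-prod-01": "25.3.2",
    "tpf-prod-02": "25.3.3",
    "tpf-dr-01": "24.1.9",
    "tpf-lab-01": "v25.1.10.2217",
    "tpf-lab-02": "24.2.4",
    "tpf-old-01": "25.3",
}

if __name__ == "__main__":
    for host, status in sorted(triage_inventory(SAMPLE_INVENTORY).items()):
        print(f"{host:12} {SAMPLE_INVENTORY[host]:15} {status}")
```

Hosts reported as `unlisted-train` or `unparseable` should be checked by hand against the vendor advisory rather than assumed safe.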
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Patches
No patches discovered yet.
References (1)
News mentions
No linked articles in our index yet.