Palo Alto Networks
Products
9- 3 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
12| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-0236 | Hig | 0.47 | — | 0.00 | May 13, 2026 | A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to its AppleScript interface allowing a locally authenticated non-admin user to leverage this exposed Apple Event handler to send unauthorized commands to the browser. | |
| CVE-2026-0237 | Hig | 0.47 | — | 0.00 | May 13, 2026 | An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls. | |
| CVE-2026-0246 | Med | 0.38 | — | 0.00 | May 13, 2026 | A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. This allows the user to execute arbitrary code and read sensitive information otherwise accessible only to privileged accounts. The Prisma Access Agent on iOS, Android and Chrome OS are not affected. | |
| CVE-2026-0235 | Med | 0.38 | — | 0.00 | May 13, 2026 | A race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally authenticated non-admin user to bypass certain access and data control policies. | |
| CVE-2026-0244 | Med | 0.34 | — | 0.00 | May 13, 2026 | An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle (MitM) attacker to impersonate the controller. | |
| CVE-2026-0259 | Med | 0.33 | — | 0.00 | May 13, 2026 | An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing. Please note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability. | |
| CVE-2026-0243 | Med | 0.32 | — | 0.00 | May 13, 2026 | A denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet. | |
| CVE-2026-0232 | Med | 0.26 | — | 0.00 | Apr 13, 2026 | A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform malicious activity without detection. | |
| CVE-2026-0233 | Low | 0.13 | — | 0.00 | Apr 13, 2026 | A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges. | |
| CVE-2026-0238 | Low | 0.07 | — | 0.00 | May 13, 2026 | A vulnerability in Palo Alto Networks Broker VM allows an authenticated administrator to inject arbitrary content into certain Broker VM fields. | |
| CVE-2010-0475 | 0.03 | — | 0.00 | May 14, 2010 | Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Palo Alto Networks firewall 3.0.x before 3.0.9 and 3.1.x before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the role parameter. | ||
| CVE-2026-2914 | 0.00 | — | 0.00 | Feb 25, 2026 | CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege elevation leveraging CyberArk elevation dialogs |
- risk 0.47cvss —epss 0.00
A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to its AppleScript interface allowing a locally authenticated non-admin user to leverage this exposed Apple Event handler to send unauthorized commands to the browser.
- risk 0.47cvss —epss 0.00
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls.
- risk 0.38cvss —epss 0.00
A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. This allows the user to execute arbitrary code and read sensitive information otherwise accessible only to privileged accounts. The Prisma Access Agent on iOS, Android and Chrome OS are not affected.
- risk 0.38cvss —epss 0.00
A race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally authenticated non-admin user to bypass certain access and data control policies.
- risk 0.34cvss —epss 0.00
An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle (MitM) attacker to impersonate the controller.
- risk 0.33cvss —epss 0.00
An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing. Please note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.
- risk 0.32cvss —epss 0.00
A denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet.
- risk 0.26cvss —epss 0.00
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform malicious activity without detection.
- risk 0.13cvss —epss 0.00
A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges.
- risk 0.07cvss —epss 0.00
A vulnerability in Palo Alto Networks Broker VM allows an authenticated administrator to inject arbitrary content into certain Broker VM fields.
- CVE-2010-0475May 14, 2010risk 0.03cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Palo Alto Networks firewall 3.0.x before 3.0.9 and 3.1.x before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the role parameter.
- CVE-2026-2914Feb 25, 2026risk 0.00cvss —epss 0.00
CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege elevation leveraging CyberArk elevation dialogs