Known vulnerabilities affecting Palo Alto products and systems
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-0300 | A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code wi... | 9.8 | 999 | Rising | Yes | Yes |
| CVE-2026-0227 | A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue results in the fir... | 7.5 | 386 | Neutral | No | Yes |
| CVE-2025-4615 | An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execu... | 7.2 | 415 | Neutral | Yes | Yes |
| CVE-2025-4614 | An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may all... | 2.7 | 84 | Neutral | No | Yes |
| CVE-2025-4232 | An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to r... | 8.8 | 545 | Neutral | No | Yes |
| CVE-2025-4231 | A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the manageme... | 7.2 | 477 | Neutral | No | Yes |
| CVE-2025-4227 | An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/... | 3.5 | 102 | Neutral | No | Yes |
| CVE-2025-0135 | An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. The GlobalPro... | 3.3 | 95 | Neutral | No | Yes |
| CVE-2025-0130 | A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the fi... | 7.5 | 386 | Neutral | No | Yes |
| CVE-2025-0124 | An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to delete certain files as... | 3.8 | 208 | Neutral | No | Yes |
| CVE-2025-0120 | A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their p... | 7.0 | 287 | Neutral | No | Yes |
| CVE-2025-0118 | A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. This enables the attacker t... | 8.0 | 455 | Neutral | No | Yes |
| CVE-2025-0114 | A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large numb... | 7.5 | 386 | Neutral | No | Yes |
| CVE-2025-0111 | An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS fil... | 6.5 | 433 | Neutral | Yes | Yes |
| CVE-2025-0108 | An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise requir... | 9.1 | 798 | Rising | Yes | Yes |
| CVE-2025-0107 | An OS command injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosur... | 9.8 | 853 | Neutral | Yes | Yes |
| CVE-2025-0106 | A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem. | 5.3 | 124 | Neutral | No | Yes |
| CVE-2025-0105 | An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem. | 9.1 | 690 | Neutral | No | Yes |
| CVE-2025-0104 | A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user’s browse... | 6.1 | 272 | Neutral | No | Yes |
| CVE-2025-0103 | An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and... | 8.8 | 673 | Neutral | No | Yes |