Palo Alto Products Multiple Vulnerabilities

Release Date: 14 May 2026

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

Multiple vulnerabilities were identified in Palo Alto Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, denial of service condition, remote code execution, cross-site scripting and security restriction bypass on the targeted system.

 

---

Impact

• Remote Code Execution
• Denial of Service
• Security Restriction Bypass
• Cross-Site Scripting
• Elevation of Privilege

---

System / Technologies affected

• GlobalProtect App 6.0 versions earlier than 6.0.11 on Linux
• GlobalProtect App 6.0 versions earlier than 6.0.13 on macOS and Windows
• GlobalProtect App 6.0 versions earlier than 6.0.14 on Android and ChromeOS
• GlobalProtect App 6.1 versions earlier than 6.1.13 on Android and ChromeOS
• GlobalProtect App 6.2 versions earlier than 6.2.8-h10 (6.2.8-948) on macOS and Windows
• GlobalProtect App 6.3 versions earlier than 6.3.3-h2 (6.3.3-42) on Linux
• GlobalProtect App 6.3 versions earlier than 6.3.3-h9 (6.3.3-999) on macOS and Windows
• PAN-OS 10.2 versions earlier than 10.2.7-h34
• PAN-OS 10.2 versions earlier than 10.2.10-h36
• PAN-OS 10.2 versions earlier than 10.2.13-h21
• PAN-OS 10.2 versions earlier than 10.2.16-h7
• PAN-OS 10.2 versions earlier than 10.2.18-h6
• PAN-OS 11.1 versions earlier than 11.1.4-h33
• PAN-OS 11.1 versions earlier than 11.1.6-h32
• PAN-OS 11.1 versions earlier than 11.1.7-h6
• PAN-OS 11.1 versions earlier than 11.1.10-h25
• PAN-OS 11.1 versions earlier than 11.1.13-h5
• PAN-OS 11.1 versions earlier than 11.1.15
• PAN-OS 11.2 versions earlier than 11.2.4-h17
• PAN-OS 11.2 versions earlier than 11.2.7-h14
• PAN-OS 11.2 versions earlier than 11.2.10-h7
• PAN-OS 11.2 versions earlier than 11.2.12
• PAN-OS 12.1 versions earlier than 12.1.4-h6
• PAN-OS 12.1 versions earlier than 12.1.7
• Prisma Access 10.2.0 versions earlier than 10.2.10-h36
• Prisma Access 11.2.0 versions earlier than 11.2.7-h13

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://security.paloaltonetworks.com/
• https://security.paloaltonetworks.com/CVE-2026-0249
• https://security.paloaltonetworks.com/CVE-2026-0250
• https://security.paloaltonetworks.com/CVE-2026-0251
• https://security.paloaltonetworks.com/CVE-2026-0256
• https://security.paloaltonetworks.com/CVE-2026-0257
• https://security.paloaltonetworks.com/CVE-2026-0258
• https://security.paloaltonetworks.com/CVE-2026-0261
• https://security.paloaltonetworks.com/CVE-2026-0262
• https://security.paloaltonetworks.com/CVE-2026-0263
• https://security.paloaltonetworks.com/CVE-2026-0264
• https://security.paloaltonetworks.com/CVE-2026-0265

---

Vulnerability Identifier

• CVE-2026-0249
• CVE-2026-0250
• CVE-2026-0251
• CVE-2026-0256
• CVE-2026-0257
• CVE-2026-0258
• CVE-2026-0261
• CVE-2026-0262
• CVE-2026-0263
• CVE-2026-0264
• CVE-2026-0265

---

Source

• Palo Alto

---

Related Link

• https://security.paloaltonetworks.com/
• https://security.paloaltonetworks.com/CVE-2026-0249
• https://security.paloaltonetworks.com/CVE-2026-0250
• https://security.paloaltonetworks.com/CVE-2026-0251
• https://security.paloaltonetworks.com/CVE-2026-0256
• https://security.paloaltonetworks.com/CVE-2026-0257
• https://security.paloaltonetworks.com/CVE-2026-0258
• https://security.paloaltonetworks.com/CVE-2026-0261
• https://security.paloaltonetworks.com/CVE-2026-0262
• https://security.paloaltonetworks.com/CVE-2026-0263
• https://security.paloaltonetworks.com/CVE-2026-0264
• https://security.paloaltonetworks.com/CVE-2026-0265