Skip to content

Commit 6aae846

Browse files
Advisory Database Sync
1 parent 7fd47c3 commit 6aae846

680 files changed

Lines changed: 22740 additions & 122 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

advisories/unreviewed/2026/05/GHSA-3jxr-6794-xw26/GHSA-3jxr-6794-xw26.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-3jxr-6794-xw26",
4-
"modified": "2026-06-09T12:32:01Z",
4+
"modified": "2026-07-14T18:31:46Z",
55
"published": "2026-05-13T21:32:05Z",
66
"aliases": [
77
"CVE-2026-0261"
88
],
99
"details": "Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI.\n\n\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\n\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\n\n\nCloud NGFW and Prisma Access® are not impacted by these vulnerabilities.",
1010
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
14+
},
1115
{
1216
"type": "CVSS_V4",
1317
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber"

advisories/unreviewed/2026/05/GHSA-3mc4-hxgv-pc7g/GHSA-3mc4-hxgv-pc7g.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-3mc4-hxgv-pc7g",
4-
"modified": "2026-06-09T12:32:01Z",
4+
"modified": "2026-07-14T18:31:46Z",
55
"published": "2026-05-13T21:32:05Z",
66
"aliases": [
77
"CVE-2026-0262"
88
],
99
"details": "Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic. \n\nPanorama and Cloud NGFW are not impacted by these vulnerabilities.",
1010
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
14+
},
1115
{
1216
"type": "CVSS_V4",
1317
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber"

advisories/unreviewed/2026/05/GHSA-7g39-pmpc-x999/GHSA-7g39-pmpc-x999.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-7g39-pmpc-x999",
4-
"modified": "2026-05-13T21:32:05Z",
4+
"modified": "2026-07-14T18:31:46Z",
55
"published": "2026-05-13T21:32:05Z",
66
"aliases": [
77
"CVE-2026-0259"
88
],
99
"details": "An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\n\n\n\nThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\n\n\n\nPlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.",
1010
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
14+
},
1115
{
1216
"type": "CVSS_V4",
1317
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Amber"

advisories/unreviewed/2026/05/GHSA-8q7v-5p8j-cfcg/GHSA-8q7v-5p8j-cfcg.json

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-8q7v-5p8j-cfcg",
4-
"modified": "2026-05-13T21:32:05Z",
4+
"modified": "2026-07-14T18:31:45Z",
55
"published": "2026-05-13T21:32:05Z",
66
"aliases": [
77
"CVE-2026-0235"
88
],
99
"details": "A race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally authenticated non-admin user to bypass certain access and data control policies.",
1010
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"
14+
},
1115
{
1216
"type": "CVSS_V4",
1317
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber"
@@ -26,6 +30,7 @@
2630
],
2731
"database_specific": {
2832
"cwe_ids": [
33+
"CWE-362",
2934
"CWE-754"
3035
],
3136
"severity": "MODERATE",

advisories/unreviewed/2026/05/GHSA-99hw-j87x-3cgm/GHSA-99hw-j87x-3cgm.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-99hw-j87x-3cgm",
4-
"modified": "2026-06-09T12:32:01Z",
4+
"modified": "2026-07-14T18:31:44Z",
55
"published": "2026-05-13T18:30:58Z",
66
"aliases": [
77
"CVE-2026-0264"
88
],
99
"details": "A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service (DoS) condition (all PAN-OS platforms except Cloud NGFW and Prisma Access) or potentially execute arbitrary code by sending specially crafted network traffic (PA-Series hardware only).\n\n\n\n\nPanorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.",
1010
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
14+
},
1115
{
1216
"type": "CVSS_V4",
1317
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:H/U:Red"

advisories/unreviewed/2026/05/GHSA-cx3v-69qf-w6mx/GHSA-cx3v-69qf-w6mx.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-cx3v-69qf-w6mx",
4-
"modified": "2026-05-13T21:32:05Z",
4+
"modified": "2026-07-14T18:31:45Z",
55
"published": "2026-05-13T21:32:05Z",
66
"aliases": [
77
"CVE-2026-0247"
88
],
99
"details": "Multiple authorization bypass vulnerabilities in the Endpoint DLP component of Prisma Access Agent® allow a local attacker to bypass authentication controls and execute privileged operations.",
1010
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
14+
},
1115
{
1216
"type": "CVSS_V4",
1317
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber"

advisories/unreviewed/2026/05/GHSA-h3p8-5g8q-vm3h/GHSA-h3p8-5g8q-vm3h.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-h3p8-5g8q-vm3h",
4-
"modified": "2026-05-13T21:32:05Z",
4+
"modified": "2026-07-14T18:31:45Z",
55
"published": "2026-05-13T21:32:05Z",
66
"aliases": [
77
"CVE-2026-0249"
88
],
99
"details": "Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enables an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subnet to redirect traffic to an unauthorized server and facilitate the installation of malicious software.\n\nThe GlobalProtect app on Linux, Windows, iOS and GlobalProtect UWP app are not affected.",
1010
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
14+
},
1115
{
1216
"type": "CVSS_V4",
1317
"score": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber"

advisories/unreviewed/2026/05/GHSA-h94g-f37w-qxpj/GHSA-h94g-f37w-qxpj.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-h94g-f37w-qxpj",
4-
"modified": "2026-05-13T21:32:05Z",
4+
"modified": "2026-07-14T18:31:45Z",
55
"published": "2026-05-13T21:32:05Z",
66
"aliases": [
77
"CVE-2026-0251"
88
],
99
"details": "Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect™ app allow a local user to escalate their privileges to NT AUTHORITY\\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative privileges.\n\nThe GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.",
1010
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
14+
},
1115
{
1216
"type": "CVSS_V4",
1317
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber"

advisories/unreviewed/2026/05/GHSA-j263-ghj6-w2q7/GHSA-j263-ghj6-w2q7.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-j263-ghj6-w2q7",
4-
"modified": "2026-05-13T21:32:06Z",
4+
"modified": "2026-07-14T18:31:46Z",
55
"published": "2026-05-13T21:32:06Z",
66
"aliases": [
77
"CVE-2026-0243"
88
],
99
"details": "A denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet.",
1010
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
14+
},
1115
{
1216
"type": "CVSS_V4",
1317
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Amber"

advisories/unreviewed/2026/05/GHSA-jgxc-qhw9-rf7c/GHSA-jgxc-qhw9-rf7c.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-jgxc-qhw9-rf7c",
4-
"modified": "2026-05-13T21:32:05Z",
4+
"modified": "2026-07-14T18:31:45Z",
55
"published": "2026-05-13T21:32:05Z",
66
"aliases": [
77
"CVE-2026-0248"
88
],
99
"details": "An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information.\n\n\n\nThe Prisma Access Agent on macOS, Windows, Linux and iOS are not affected.",
1010
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
14+
},
1115
{
1216
"type": "CVSS_V4",
1317
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:D/RE:M/U:Amber"

0 commit comments

Comments
 (0)