Vulnerability-Lookup

CVE-2026-0259 (GCVE-0-2026-0259)

Vulnerability from cvelistv5 – Published: 2026-05-13 18:05 – Updated: 2026-05-13 18:57

Title

WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)

Summary

An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing. Please note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.

Severity ?

5 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber

CWE

CWE-73 - External Control of File Name or Path

Assigner

palo_alto

References

1 reference

URL	Tags
https://security.paloaltonetworks.com/CVE-2026-0259	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
Palo Alto Networks	WildFire WF-500 and WF-500-B	Affected: 12.1.0 , < 12.1.7, 12.1.4-h5 (custom) Affected: 11.2.0 , < 11.2.11,11.2.7-h7 (custom) Affected: 11.1.0 , < 11.1.13,11.1.10-h8 (custom) Affected: 10.2.0 , < 10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34 (custom)

Date Public ?

2026-05-13 16:00

Credits

Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0259",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-13T18:56:39.294156Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-13T18:57:18.638Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "WildFire WF-500 and WF-500-B",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "12.1.7",
                  "status": "unaffected"
                },
                {
                  "at": "12.1.4-h5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "12.1.7, 12.1.4-h5",
              "status": "affected",
              "version": "12.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.2.12",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.10-h6",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.7-h13",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.4-h17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.2.11,11.2.7-h7",
              "status": "affected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.15",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.13-h5",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.10-h25",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.7-h6",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.6-h32",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.4-h33",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.13,11.1.10-h8",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.18-h6",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.16-h7",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.13-h21",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.10-h36",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.7-h34",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "value": "No special configuration is required to be affected by this issue."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "12.1.7_12.1.4-h5",
                  "versionStartIncluding": "12.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.11_11.2.7-h7",
                  "versionStartIncluding": "11.2.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.13_11.1.10-h8",
                  "versionStartIncluding": "11.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.18-h6_10.2.16-h7_10.2.13-h21_10.2.10-h36_10.2.7-h34",
                  "versionStartIncluding": "10.2.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "other",
          "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue."
        }
      ],
      "datePublic": "2026-05-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire\u00ae WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\u003c/p\u003e\u003cp\u003eThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\u003c/p\u003e\u003cp\u003ePlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire\u00ae WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\n\n\n\nThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\n\n\n\nPlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-597",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-597 Absolute Path Traversal"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "LOW",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "CWE-73 External Control of File Name or Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-13T18:05:45.862Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2026-0259"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 12.1\u003c/td\u003e\u003ctd\u003e12.1.5 through 12.1.6\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.4-h5 or 12.1.7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 11.2\u003c/td\u003e\u003ctd\u003e11.2.11 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h6 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h13 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h17 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 11.1\u003c/td\u003e\u003ctd\u003e11.1.14 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h5 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h25 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.7-h6 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h32 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h33 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 10.2\u003c/td\u003e\u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h7 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h21 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h36 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h34 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 10.1\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u0026nbsp;All (EoL)\u003c/td\u003e\u003ctd\u003eNo fix planned. Upgrade to a supported version.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
            }
          ],
          "value": "VERSION                             MINOR VERSION RANGE          SUGGESTED SOLUTION\nWildFire WF-500 and WF-500-B 12.1   12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                                    12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\nWildFire WF-500 and WF-500-B 11.2   11.2.11 or later             Upgrade to 11.2.12 or later.\n                                    11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\n                                    11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                                    11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nWildFire WF-500 and WF-500-B 11.1   11.1.14 or later             Upgrade to 11.1.15 or later.\n                                    11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                                    11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                                    11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                                    11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                                    11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nWildFire WF-500 and WF-500-B 10.2   10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\n                                    10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n                                    10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n                                    10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n                                    10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\nWildFire WF-500 and WF-500-B 10.1    All (EoL)                   No fix planned. Upgrade to a supported version."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-13T16:00:00.000Z",
          "value": "Initial publication."
        }
      ],
      "title": "WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eFor airgapped deployments, we strongly recommend that you secure WildFire 500 appliances by restricting access to only trusted internal IP addresses.\u003c/p\u003e\u003cp\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510010 (Applications and Threats content version 9100-10044 and later). \u003cbr\u003e\u003c/p\u003e\u003cb\u003e\u003c/b\u003e\u003cp\u003ePlease note that this Threat ID requires SSL Decryption.\u003c/p\u003e"
            }
          ],
          "value": "For airgapped deployments, we strongly recommend that you secure WildFire 500 appliances by restricting access to only trusted internal IP addresses.\n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510010 (Applications and Threats content version 9100-10044 and later).\n\n\nPlease note that this Threat ID requires SSL Decryption."
        }
      ],
      "x_affectedList": [
        "WildFire WF-500 and WF-500-B 12.1.0",
        "WildFire WF-500 and WF-500-B 12.1.1",
        "WildFire WF-500 and WF-500-B 12.1.2",
        "WildFire WF-500 and WF-500-B 12.1.3",
        "WildFire WF-500 and WF-500-B 11.2.0",
        "WildFire WF-500 and WF-500-B 11.2.1",
        "WildFire WF-500 and WF-500-B 11.2.2",
        "WildFire WF-500 and WF-500-B 11.2.3",
        "WildFire WF-500 and WF-500-B 11.1.0",
        "WildFire WF-500 and WF-500-B 11.1.1",
        "WildFire WF-500 and WF-500-B 11.1.2",
        "WildFire WF-500 and WF-500-B 11.1.3",
        "WildFire WF-500 and WF-500-B 10.2.0",
        "WildFire WF-500 and WF-500-B 10.2.1",
        "WildFire WF-500 and WF-500-B 10.2.2",
        "WildFire WF-500 and WF-500-B 10.2.3",
        "WildFire WF-500 and WF-500-B 10.2.4",
        "WildFire WF-500 and WF-500-B 10.2.5",
        "WildFire WF-500 and WF-500-B 10.2.6"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0259",
    "datePublished": "2026-05-13T18:05:45.862Z",
    "dateReserved": "2025-11-03T20:44:19.922Z",
    "dateUpdated": "2026-05-13T18:57:18.638Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-0259",
      "date": "2026-05-16",
      "epss": "0.0005",
      "percentile": "0.15601"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-0259\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2026-05-13T19:17:01.873\",\"lastModified\":\"2026-05-14T16:21:23.190\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire\u00ae WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\\n\\n\\n\\nThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\\n\\n\\n\\nPlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Amber\",\"baseScore\":5.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"UNREPORTED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"YES\",\"Recovery\":\"USER\",\"valueDensity\":\"CONCENTRATED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"AMBER\"}}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-73\"}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2026-0259\",\"source\":\"psirt@paloaltonetworks.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-0259\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-13T18:56:39.294156Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-13T18:57:10.236Z\"}}], \"cna\": {\"title\": \"WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)\", \"source\": {\"discovery\": \"INTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"other\", \"value\": \"Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.\"}], \"impacts\": [{\"capecId\": \"CAPEC-597\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-597 Absolute Path Traversal\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 5, \"Automatable\": \"YES\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"CONCENTRATED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber\", \"exploitMaturity\": \"UNREPORTED\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Palo Alto Networks\", \"product\": \"WildFire WF-500 and WF-500-B\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"12.1.7\", \"status\": \"unaffected\"}, {\"at\": \"12.1.4-h5\", \"status\": \"unaffected\"}], \"version\": \"12.1.0\", \"lessThan\": \"12.1.7, 12.1.4-h5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"11.2.12\", \"status\": \"unaffected\"}, {\"at\": \"11.2.10-h6\", \"status\": \"unaffected\"}, {\"at\": \"11.2.7-h13\", \"status\": \"unaffected\"}, {\"at\": \"11.2.4-h17\", \"status\": \"unaffected\"}], \"version\": \"11.2.0\", \"lessThan\": \"11.2.11,11.2.7-h7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"11.1.15\", \"status\": \"unaffected\"}, {\"at\": \"11.1.13-h5\", \"status\": \"unaffected\"}, {\"at\": \"11.1.10-h25\", \"status\": \"unaffected\"}, {\"at\": \"11.1.7-h6\", \"status\": \"unaffected\"}, {\"at\": \"11.1.6-h32\", \"status\": \"unaffected\"}, {\"at\": \"11.1.4-h33\", \"status\": \"unaffected\"}], \"version\": \"11.1.0\", \"lessThan\": \"11.1.13,11.1.10-h8\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.2.18-h6\", \"status\": \"unaffected\"}, {\"at\": \"10.2.16-h7\", \"status\": \"unaffected\"}, {\"at\": \"10.2.13-h21\", \"status\": \"unaffected\"}, {\"at\": \"10.2.10-h36\", \"status\": \"unaffected\"}, {\"at\": \"10.2.7-h34\", \"status\": \"unaffected\"}], \"version\": \"10.2.0\", \"lessThan\": \"10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-13T16:00:00.000Z\", \"value\": \"Initial publication.\"}], \"solutions\": [{\"lang\": \"eng\", \"value\": \"VERSION                             MINOR VERSION RANGE          SUGGESTED SOLUTION\\nWildFire WF-500 and WF-500-B 12.1   12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\\n                                    12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\\nWildFire WF-500 and WF-500-B 11.2   11.2.11 or later             Upgrade to 11.2.12 or later.\\n                                    11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\\n                                    11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\\n                                    11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\\nWildFire WF-500 and WF-500-B 11.1   11.1.14 or later             Upgrade to 11.1.15 or later.\\n                                    11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\\n                                    11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\\n                                    11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\\n                                    11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\\n                                    11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\\nWildFire WF-500 and WF-500-B 10.2   10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\\n                                    10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\\n                                    10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\\n                                    10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\\n                                    10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\\nWildFire WF-500 and WF-500-B 10.1    All (EoL)                   No fix planned. Upgrade to a supported version.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003ctable class=\\\"tbl\\\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 12.1\u003c/td\u003e\u003ctd\u003e12.1.5 through 12.1.6\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.4-h5 or 12.1.7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 11.2\u003c/td\u003e\u003ctd\u003e11.2.11 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h6 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h13 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h17 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 11.1\u003c/td\u003e\u003ctd\u003e11.1.14 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h5 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h25 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.7-h6 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h32 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h33 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 10.2\u003c/td\u003e\u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h7 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h21 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h36 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h34 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 10.1\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u0026nbsp;All (EoL)\u003c/td\u003e\u003ctd\u003eNo fix planned. Upgrade to a supported version.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\", \"base64\": false}]}], \"datePublic\": \"2026-05-13T16:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2026-0259\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"eng\", \"value\": \"For airgapped deployments, we strongly recommend that you secure WildFire 500 appliances by restricting access to only trusted internal IP addresses.\\n\\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510010 (Applications and Threats content version 9100-10044 and later).\\n\\n\\nPlease note that this Threat ID requires SSL Decryption.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eFor airgapped deployments, we strongly recommend that you secure WildFire 500 appliances by restricting access to only trusted internal IP addresses.\u003c/p\u003e\u003cp\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510010 (Applications and Threats content version 9100-10044 and later). \u003cbr\u003e\u003c/p\u003e\u003cb\u003e\u003c/b\u003e\u003cp\u003ePlease note that this Threat ID requires SSL Decryption.\u003c/p\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire\\u00ae WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\\n\\n\\n\\nThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\\n\\n\\n\\nPlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eAn arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire\\u00ae WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\u003c/p\u003e\u003cp\u003eThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\u003c/p\u003e\u003cp\u003ePlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.\u003cbr\u003e\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-73\", \"description\": \"CWE-73 External Control of File Name or Path\"}]}], \"configurations\": [{\"lang\": \"eng\", \"value\": \"No special configuration is required to be affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"No special configuration is required to be affected by this issue.\", \"base64\": false}]}], \"x_affectedList\": [\"WildFire WF-500 and WF-500-B 12.1.0\", \"WildFire WF-500 and WF-500-B 12.1.1\", \"WildFire WF-500 and WF-500-B 12.1.2\", \"WildFire WF-500 and WF-500-B 12.1.3\", \"WildFire WF-500 and WF-500-B 11.2.0\", \"WildFire WF-500 and WF-500-B 11.2.1\", \"WildFire WF-500 and WF-500-B 11.2.2\", \"WildFire WF-500 and WF-500-B 11.2.3\", \"WildFire WF-500 and WF-500-B 11.1.0\", \"WildFire WF-500 and WF-500-B 11.1.1\", \"WildFire WF-500 and WF-500-B 11.1.2\", \"WildFire WF-500 and WF-500-B 11.1.3\", \"WildFire WF-500 and WF-500-B 10.2.0\", \"WildFire WF-500 and WF-500-B 10.2.1\", \"WildFire WF-500 and WF-500-B 10.2.2\", \"WildFire WF-500 and WF-500-B 10.2.3\", \"WildFire WF-500 and WF-500-B 10.2.4\", \"WildFire WF-500 and WF-500-B 10.2.5\", \"WildFire WF-500 and WF-500-B 10.2.6\"], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"12.1.7_12.1.4-h5\", \"versionStartIncluding\": \"12.1.0\"}, {\"criteria\": \"cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.2.11_11.2.7-h7\", \"versionStartIncluding\": \"11.2.0\"}, {\"criteria\": \"cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.1.13_11.1.10-h8\", \"versionStartIncluding\": \"11.1.0\"}, {\"criteria\": \"cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.2.18-h6_10.2.16-h7_10.2.13-h21_10.2.10-h36_10.2.7-h34\", \"versionStartIncluding\": \"10.2.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2026-05-13T18:05:45.862Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-0259\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-13T18:57:18.638Z\", \"dateReserved\": \"2025-11-03T20:44:19.922Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2026-05-13T18:05:45.862Z\", \"assignerShortName\": \"palo_alto\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2026-AVI-0596

Vulnerability from certfr_avis - Published: 2026-05-15 - Updated: 2026-05-15

De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

L'éditeur indique que des correctifs seront publiés le 28 mai 2026.

Impacted products

Vendor	Product	Description
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 12.1.4 antérieures à 12.1.4-h5
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.0.x antérieures à 6.0.14 pour Android et ChromeOS
Palo Alto Networks	Prisma Access Browser	Prisma Access versions 10.2.x antérieures à 10.2.10-h36
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.12
Palo Alto Networks	N/A	Prisma SD-WAN ION versions 6.3.x antérieures à 6.3.6-b10
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.1.13 antérieures à 11.1.13-h5
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.0.x antérieures à 6.0.11 pour Linux
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.2.10 antérieures à 11.2.10-h6
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.1.x antérieures à 6.1.13 pour Android et ChomeOS
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.7 antérieures à 11.2.7-h14
Palo Alto Networks	Prisma Access Browser	Prisma Access Agent versions 25.x et 26.x antérieures à 26.2.1 pour Android et ChromeOS
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 10.2.7 antérieures à 10.2.7-h34
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.4 antérieures à 11.2.4-h17
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.1.6 antérieures à 11.1.6-h32
Palo Alto Networks	N/A	Prisma SD-WAN ION versions 6.5.x antérieures à 6.5.3-b15
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 10.2.13 antérieures à 10.2.13-h21
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.15
Palo Alto Networks	N/A	Prisma SD-WAN ION versions 6.4.x antérieures à 6.4.3-b8
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.7 antérieures à 10.2.7-h34
Palo Alto Networks	N/A	Chronosphere Chronocollector versions antérieures à v0.116.0
Palo Alto Networks	PAN-OS	PAN-OS versions 12.1.7
Palo Alto Networks	N/A	Broker VM versions 30.0.x antérieures à 30.0.24
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.1.7 antérieures à 11.1.7-h6
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.1.10 antérieures à 11.1.10-h25
Palo Alto Networks	N/A	Trust Protection Foundation versions 24.1.x antérieures à 24.1.13
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.10 antérieures à 11.1.10-h25
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.2.12
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.10 antérieures à 11.2.10-h7
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.0.x antérieures à 6.0.13 pour macOS et Windows
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.16 antérieures à 10.2.16-h7
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.7 antérieures à 11.1.7-h6
Palo Alto Networks	PAN-OS	PAN-OS versions 12.1.4 antérieures à 12.1.4-h5
Palo Alto Networks	Prisma Access Browser	Prisma Browser versions antérieures à 148.6.3.96
Palo Alto Networks	N/A	Trust Protection Foundation versions 24.3.x antérieures à 24.3.6
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.1.4 antérieures à 11.1.4-h33
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.4 antérieures à 11.1.4-h33
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 10.2.10 antérieures à 10.2.10-h36
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 10.2.18 antérieures à 10.2.18-h6
Palo Alto Networks	N/A	Trust Protection Foundation versions 25.3.x antérieures à 25.3.3
Palo Alto Networks	PAN-OS	PAN-OS versions 12.1.4 antérieures à 12.1.4-h6
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.10 antérieures à 11.2.10-h6
Palo Alto Networks	Prisma Access Browser	Prisma Access Agent (Endpoint DLP) versions 25.x à 26.x antérieures à 26.2.1 pour Windows et macOS
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.18 antérieures à 10.2.18-h6
Palo Alto Networks	Prisma Access Browser	Prisma Access versions 11.2.x antérieures à 11.2.7-h13
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 10.2.16 antérieures à 10.2.16-h7
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.3.x antérieures à 6.3.3-h2 pour Linux
Palo Alto Networks	N/A	GlobalProtect UWP App versions 6.3 antérieures à 6.3.3-h10
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.1.15
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.3.x antérieures à 6.3.3-h10 pour Windows et macOS
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.2.7 antérieures à 11.2.7-h13
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.2.x antérieures à 6.2.8-h10 (6.2.8-948)
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.2.4 antérieures à 11.2.4-h17
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.6 antérieures à 11.1.6-h32
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.13 antérieures à 11.1.13-h5
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.10 antérieures à 10.2.10-h36
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.7 antérieures à 11.2.7-h13
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 12.1.7
Palo Alto Networks	N/A	Trust Protection Foundation versions 25.1.x antérieures à 25.1.8
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.13 antérieures à 10.2.13-h21

References

Title

Publication Time

Tags

Bulletin de sécurité Palo Alto Networks CVE-2026-0242	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0251	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0238	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0263	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0259	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0257	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0262	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0243	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0247	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0261	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0240	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0239	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0248	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0246	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-SA-2026-0007	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0265	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0250	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0264	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0256	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0241	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0245	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0258	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0249	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0244	2026-05-13	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "WildFire WF-500 et WF-500-B versions 12.1.4 ant\u00e9rieures \u00e0 12.1.4-h5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.0.x ant\u00e9rieures \u00e0 6.0.14 pour Android et ChromeOS",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access versions 10.2.x ant\u00e9rieures \u00e0 10.2.10-h36",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.12",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma SD-WAN ION versions 6.3.x ant\u00e9rieures \u00e0 6.3.6-b10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.1.13 ant\u00e9rieures \u00e0 11.1.13-h5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.0.x ant\u00e9rieures \u00e0 6.0.11 pour Linux",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.2.10 ant\u00e9rieures \u00e0 11.2.10-h6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.1.x ant\u00e9rieures \u00e0 6.1.13 pour Android et ChomeOS",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.7 ant\u00e9rieures \u00e0 11.2.7-h14",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access Agent versions 25.x et 26.x ant\u00e9rieures \u00e0 26.2.1 pour Android et ChromeOS",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 10.2.7 ant\u00e9rieures \u00e0 10.2.7-h34",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.4 ant\u00e9rieures \u00e0 11.2.4-h17",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.1.6 ant\u00e9rieures \u00e0 11.1.6-h32",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma SD-WAN ION versions 6.5.x ant\u00e9rieures \u00e0 6.5.3-b15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 10.2.13 ant\u00e9rieures \u00e0 10.2.13-h21",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.15",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma SD-WAN ION versions 6.4.x ant\u00e9rieures \u00e0 6.4.3-b8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.7 ant\u00e9rieures \u00e0 10.2.7-h34",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Chronosphere Chronocollector  versions ant\u00e9rieures \u00e0 v0.116.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 12.1.7",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Broker VM versions 30.0.x ant\u00e9rieures \u00e0 30.0.24",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.1.7 ant\u00e9rieures \u00e0 11.1.7-h6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.1.10 ant\u00e9rieures \u00e0 11.1.10-h25",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Trust Protection Foundation versions 24.1.x ant\u00e9rieures \u00e0 24.1.13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.10 ant\u00e9rieures \u00e0 11.1.10-h25",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.2.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.10 ant\u00e9rieures \u00e0 11.2.10-h7",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.0.x ant\u00e9rieures \u00e0 6.0.13 pour macOS et Windows",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.16 ant\u00e9rieures \u00e0 10.2.16-h7",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.7 ant\u00e9rieures \u00e0 11.1.7-h6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 12.1.4 ant\u00e9rieures \u00e0 12.1.4-h5",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Browser versions ant\u00e9rieures \u00e0 148.6.3.96",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Trust Protection Foundation versions 24.3.x ant\u00e9rieures \u00e0 24.3.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.1.4 ant\u00e9rieures \u00e0 11.1.4-h33",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.4 ant\u00e9rieures \u00e0 11.1.4-h33",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 10.2.10 ant\u00e9rieures \u00e0 10.2.10-h36",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 10.2.18 ant\u00e9rieures \u00e0 10.2.18-h6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Trust Protection Foundation versions 25.3.x ant\u00e9rieures \u00e0 25.3.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 12.1.4 ant\u00e9rieures \u00e0 12.1.4-h6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.10 ant\u00e9rieures \u00e0 11.2.10-h6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access Agent (Endpoint DLP) versions 25.x \u00e0 26.x ant\u00e9rieures \u00e0 26.2.1 pour Windows et macOS",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.18 ant\u00e9rieures \u00e0 10.2.18-h6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access versions 11.2.x ant\u00e9rieures \u00e0 11.2.7-h13",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 10.2.16 ant\u00e9rieures \u00e0 10.2.16-h7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.3.x ant\u00e9rieures \u00e0 6.3.3-h2 pour Linux",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect UWP App versions 6.3 ant\u00e9rieures \u00e0 6.3.3-h10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.1.15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.3.x ant\u00e9rieures \u00e0 6.3.3-h10 pour Windows et macOS",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.2.7 ant\u00e9rieures \u00e0 11.2.7-h13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.2.x ant\u00e9rieures \u00e0 6.2.8-h10 (6.2.8-948)",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.2.4 ant\u00e9rieures \u00e0 11.2.4-h17",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.6 ant\u00e9rieures \u00e0 11.1.6-h32",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.13 ant\u00e9rieures \u00e0 11.1.13-h5",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.10 ant\u00e9rieures \u00e0 10.2.10-h36",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.7 ant\u00e9rieures \u00e0 11.2.7-h13",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 12.1.7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Trust Protection Foundation versions 25.1.x ant\u00e9rieures \u00e0 25.1.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.13 ant\u00e9rieures \u00e0 10.2.13-h21",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "L\u0027\u00e9diteur indique que des correctifs seront publi\u00e9s le 28 mai 2026.",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-4678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4678"
    },
    {
      "name": "CVE-2026-4448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4448"
    },
    {
      "name": "CVE-2026-5914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5914"
    },
    {
      "name": "CVE-2026-5289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5289"
    },
    {
      "name": "CVE-2026-4460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4460"
    },
    {
      "name": "CVE-2026-5886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5886"
    },
    {
      "name": "CVE-2026-4445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4445"
    },
    {
      "name": "CVE-2026-5278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5278"
    },
    {
      "name": "CVE-2026-4444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4444"
    },
    {
      "name": "CVE-2026-4673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4673"
    },
    {
      "name": "CVE-2026-0264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0264"
    },
    {
      "name": "CVE-2026-0241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0241"
    },
    {
      "name": "CVE-2026-0251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0251"
    },
    {
      "name": "CVE-2026-4456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4456"
    },
    {
      "name": "CVE-2026-5272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5272"
    },
    {
      "name": "CVE-2026-7359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-7359"
    },
    {
      "name": "CVE-2026-4464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4464"
    },
    {
      "name": "CVE-2026-8022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-8022"
    },
    {
      "name": "CVE-2026-7361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-7361"
    },
    {
      "name": "CVE-2026-5291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5291"
    },
    {
      "name": "CVE-2026-4457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4457"
    },
    {
      "name": "CVE-2026-4461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4461"
    },
    {
      "name": "CVE-2026-5876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5876"
    },
    {
      "name": "CVE-2026-6921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-6921"
    },
    {
      "name": "CVE-2026-4447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4447"
    },
    {
      "name": "CVE-2026-5284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5284"
    },
    {
      "name": "CVE-2026-5881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5881"
    },
    {
      "name": "CVE-2026-5282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5282"
    },
    {
      "name": "CVE-2026-0249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0249"
    },
    {
      "name": "CVE-2026-4442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4442"
    },
    {
      "name": "CVE-2026-0263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0263"
    },
    {
      "name": "CVE-2026-5283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5283"
    },
    {
      "name": "CVE-2026-4676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4676"
    },
    {
      "name": "CVE-2026-0265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0265"
    },
    {
      "name": "CVE-2026-4675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4675"
    },
    {
      "name": "CVE-2026-0244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0244"
    },
    {
      "name": "CVE-2026-0258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0258"
    },
    {
      "name": "CVE-2026-4446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4446"
    },
    {
      "name": "CVE-2026-4679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4679"
    },
    {
      "name": "CVE-2026-4674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4674"
    },
    {
      "name": "CVE-2026-0256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0256"
    },
    {
      "name": "CVE-2026-0261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0261"
    },
    {
      "name": "CVE-2026-5274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5274"
    },
    {
      "name": "CVE-2026-4463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4463"
    },
    {
      "name": "CVE-2026-5909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5909"
    },
    {
      "name": "CVE-2026-0243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0243"
    },
    {
      "name": "CVE-2026-0242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0242"
    },
    {
      "name": "CVE-2026-4441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4441"
    },
    {
      "name": "CVE-2026-0239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0239"
    },
    {
      "name": "CVE-2026-7981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-7981"
    },
    {
      "name": "CVE-2026-5276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5276"
    },
    {
      "name": "CVE-2026-6305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-6305"
    },
    {
      "name": "CVE-2026-0250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0250"
    },
    {
      "name": "CVE-2026-4439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4439"
    },
    {
      "name": "CVE-2026-5893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5893"
    },
    {
      "name": "CVE-2026-5285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5285"
    },
    {
      "name": "CVE-2026-4452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4452"
    },
    {
      "name": "CVE-2026-4462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4462"
    },
    {
      "name": "CVE-2026-4680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4680"
    },
    {
      "name": "CVE-2026-0237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0237"
    },
    {
      "name": "CVE-2026-4677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4677"
    },
    {
      "name": "CVE-2026-5919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5919"
    },
    {
      "name": "CVE-2026-6361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-6361"
    },
    {
      "name": "CVE-2026-0238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0238"
    },
    {
      "name": "CVE-2026-8018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-8018"
    },
    {
      "name": "CVE-2026-7363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-7363"
    },
    {
      "name": "CVE-2026-5273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5273"
    },
    {
      "name": "CVE-2026-4458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4458"
    },
    {
      "name": "CVE-2026-4459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4459"
    },
    {
      "name": "CVE-2026-0246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0246"
    },
    {
      "name": "CVE-2026-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4450"
    },
    {
      "name": "CVE-2026-5275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5275"
    },
    {
      "name": "CVE-2026-4455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4455"
    },
    {
      "name": "CVE-2026-0262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0262"
    },
    {
      "name": "CVE-2026-5280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5280"
    },
    {
      "name": "CVE-2026-5286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5286"
    },
    {
      "name": "CVE-2026-0257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0257"
    },
    {
      "name": "CVE-2026-5884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5884"
    },
    {
      "name": "CVE-2026-5287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5287"
    },
    {
      "name": "CVE-2026-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4449"
    },
    {
      "name": "CVE-2026-5277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5277"
    },
    {
      "name": "CVE-2026-7343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-7343"
    },
    {
      "name": "CVE-2026-5292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5292"
    },
    {
      "name": "CVE-2026-5290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5290"
    },
    {
      "name": "CVE-2026-0245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0245"
    },
    {
      "name": "CVE-2026-0248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0248"
    },
    {
      "name": "CVE-2026-0235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0235"
    },
    {
      "name": "CVE-2026-4451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4451"
    },
    {
      "name": "CVE-2026-4440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4440"
    },
    {
      "name": "CVE-2026-0247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0247"
    },
    {
      "name": "CVE-2026-0236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0236"
    },
    {
      "name": "CVE-2026-5281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5281"
    },
    {
      "name": "CVE-2026-0240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0240"
    },
    {
      "name": "CVE-2026-4443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4443"
    },
    {
      "name": "CVE-2026-5288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5288"
    },
    {
      "name": "CVE-2026-0259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0259"
    },
    {
      "name": "CVE-2026-5279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5279"
    },
    {
      "name": "CVE-2026-4453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4453"
    },
    {
      "name": "CVE-2026-4454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4454"
    }
  ],
  "initial_release_date": "2026-05-15T00:00:00",
  "last_revision_date": "2026-05-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0596",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-05-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection SQL (SQLi)"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
  "vendor_advisories": [
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0242",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0242"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0251",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0251"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0238",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0238"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0263",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0263"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0259",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0259"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0257",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0257"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0262",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0262"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0243",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0243"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0247",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0247"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0261",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0261"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0240",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0240"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0239",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0239"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0248",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0248"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0246",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0246"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2026-0007",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2026-0007"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0265",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0265"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0250",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0250"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0264",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0264"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0256",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0256"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0241",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0241"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0245",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0245"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0258",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0258"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0249",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0249"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0244",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0244"
    }
  ]
}

GHSA-7G39-PMPC-X999

Vulnerability from github – Published: 2026-05-13 21:32 – Updated: 2026-05-13 21:32

Details

The WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.

Please note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.

Severity ?

5.0 (Medium)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-0259"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-73"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-13T19:17:01Z",
    "severity": "MODERATE"
  },
  "details": "An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire\u00ae WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\n\n\n\nThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\n\n\n\nPlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.",
  "id": "GHSA-7g39-pmpc-x999",
  "modified": "2026-05-13T21:32:05Z",
  "published": "2026-05-13T21:32:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0259"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0259"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

FKIE_CVE-2026-0259

Vulnerability from fkie_nvd - Published: 2026-05-13 19:17 - Updated: 2026-05-14 16:21

Severity ?

5.0 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber

Summary

References

	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2026-0259

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire\u00ae WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\n\n\n\nThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\n\n\n\nPlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability."
    }
  ],
  "id": "CVE-2026-0259",
  "lastModified": "2026-05-14T16:21:23.190",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "YES",
          "Recovery": "USER",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.0,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "UNREPORTED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "AMBER",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "CONCENTRATED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Amber",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "LOW",
          "vulnerabilityResponseEffort": "MODERATE"
        },
        "source": "psirt@paloaltonetworks.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-05-13T19:17:01.873",
  "references": [
    {
      "source": "psirt@paloaltonetworks.com",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0259"
    }
  ],
  "sourceIdentifier": "psirt@paloaltonetworks.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-73"
        }
      ],
      "source": "psirt@paloaltonetworks.com",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-0259 (GCVE-0-2026-0259)

CERTFR-2026-AVI-0596

Solutions

GHSA-7G39-PMPC-X999

FKIE_CVE-2026-0259

Tags

Sightings

Nomenclature