CVE-2026-0259— WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-0259
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)
Source: NVD (National Vulnerability Database)
Vulnerability Description
An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing. Please note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
文件名或路径的外部可控制
Source: NVD (National Vulnerability Database)
Vulnerability Title
Palo Alto Networks WildFire 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Palo Alto Networks WildFire是美国派拓网络(Palo Alto Networks)公司的一个基于云的恶意软件分析与威胁情报平台。 Palo Alto Networks WildFire存在安全漏洞,该漏洞源于任意文件读取和删除,可能导致用户读取敏感信息并删除任意文件。以下版本受到影响:WF-500和WF-500-B在默认非FIPS配置模式下运行的版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Palo Alto Networks | WildFire WF-500 and WF-500-B | 12.1.0 ~ 12.1.7, 12.1.4-h5 | - |
II. Public POCs for CVE-2026-0259
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-0259
请登录查看更多情报信息。
Same Patch Batch · Palo Alto Networks · 2026-05-13 · 26 CVEs total
| CVE-2026-0238 | Broker VM: Improper Input Validation in Broker VM Certificate and Key Fields | |
| CVE-2026-0242 | Trust Protection Foundation: SQL Injection Vulnerability | |
| CVE-2026-0258 | PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching | |
| CVE-2026-0245 | Prisma Access Agent: Information Disclosure Vulnerabilities | |
| CVE-2026-0236 | Prisma Browser: Code Injection Enables Security Controls Bypass | |
| CVE-2026-0241 | Trust Protection Foundation: Multiple Authorization Bypass Vulnerabilities | |
| CVE-2026-0261 | PAN-OS: Authenticated Admin Command Injection Vulnerability | |
| CVE-2026-0265 | PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled | |
| CVE-2026-0243 | Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through IPv6 Crafted Packet | |
| CVE-2026-0262 | PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing | |
| CVE-2026-0237 | Prisma Browser: Improperly Restricted Automation Bridge Allows Security Bypass | |
| CVE-2026-0247 | Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities | |
| CVE-2026-0256 | PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface | |
| CVE-2026-0250 | GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway | |
| CVE-2026-0264 | PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remo | |
| CVE-2026-0235 | Prisma Browser: Access and Data Rule Bypass | |
| CVE-2026-0251 | GlobalProtect App: Local Privilege Escalation Vulnerabilities | |
| CVE-2026-0249 | GlobalProtect App: Certificate Validation Bypass Vulnerabilities | |
| CVE-2026-0240 | Trust Protection Foundation: Sensitive Information Disclosure Vulnerability | |
| CVE-2026-0244 | Prisma SD-WAN: Improper Certificate Validation Vulnerability |
Showing top 20 of 26 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: Palo Alto Networks
- CVE-2026-0243
Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through - CVE-2026-0248
Prisma Access Agent: Improper Certificate Validation Vulnera - CVE-2026-0242
Trust Protection Foundation: SQL Injection Vulnerability - CVE-2026-0244
Prisma SD-WAN: Improper Certificate Validation Vulnerability - CVE-2026-0241
Trust Protection Foundation: Multiple Authorization Bypass V
Same weakness: CWE-73
- CVE-2026-45008
phpMyFAQ - Path Traversal in Client::deleteClientFolder via - CVE-2026-42597
Gotenberg: Chromium URL conversion routes read arbitrary fil - CVE-2026-40893
Gotenberg: ExifTool Dangerous Tag Blocklist Bypass via Group - CVE-2026-3892
Motors – Car Dealer, Classifieds & Listing <= 1.4.107 - Auth - CVE-2026-30905
Zoom Workplace VDI Plugin Windows Universal Installer 安全漏洞
V. Comments for CVE-2026-0259
No comments yet