Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Palo Alto Networks — Vulnerabilities & Security Advisories 307

Browse all 307 CVE security advisories affecting Palo Alto Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Palo Alto Networks operates as a prominent cybersecurity vendor, primarily providing next-generation firewalls, cloud security solutions, and endpoint protection platforms to enterprise clients. The company’s software ecosystem, particularly its PAN-OS operating system, has historically been associated with a significant volume of Common Vulnerabilities and Exposures, currently totaling 280 recorded instances. These vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation errors or improper access controls within management interfaces. While the firm maintains a robust security posture through regular patching cycles and proactive threat intelligence integration, the high CVE count reflects the complexity of its extensive feature set and the broad attack surface inherent in critical infrastructure components. Major incidents have been limited, with most issues resolved via timely updates, though the sheer number of disclosed flaws underscores the challenges of securing large-scale, continuously updated network security appliances.

Found 1 results / 307Clear Filters
Top products by Palo Alto Networks: PAN-OS Cloud NGFW GlobalProtect App Cortex XDR Agent Cortex XSOAR Cortex XDR Broker VM Expedition Prisma Browser Prisma Access Agent Prisma Cloud Compute Trust Protection Foundation Global Protect Agent Prisma Access Browser Autonomous Digital Experience Manager Checkov by Prisma Cloud Bridgecrew Checkov Traps Prisma SD-WAN ION Palo Alto Networks PAN-OS Palo Alto Networks Expedition Cortex XDR Microsoft 365 Defender Pack Cortex XSOAR Microsoft Teams Marketplace Chronosphere Chronocollector User-ID Credential Agent Broker VM Prisma Cloud Compute Edition WildFire WF-500 and WF-500-B Prisma SD-WAN PAN-OS OpenConfig Plugin ActiveMQ Content Pack
CriticalCVE-2026-03002026-05-07
CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal
MediumCVE-2026-02322026-04-18
CVE-2026-0232 Cortex XDR Agent: Local Administrator can disable the agent on Windows
HighCVE-2026-02272026-01-31
CVE-2026-0227 PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal
MediumPAN-SA-2025-00182025-11-15
PAN-SA-2025-0018 Chromium and Prisma Browser: Monthly Vulnerability Update (November 2025)
MediumCVE-2017-55842025-11-14
CVE-2017-5584 Cross-Site Scripting in the Management Web Interface
HighCVE-2020-20122025-11-13
CVE-2020-2012 PAN-OS: Panorama: XML external entity reference ('XXE') vulnerability leads the to information leak
CriticalCVE-2019-15802025-11-13
CVE-2019-1580 Memory Corruption in PAN-OS
MediumCVE-2016-91492025-11-13
CVE-2016-9149 XPath Injection
CriticalCVE-2020-20402025-11-12
CVE-2020-2040 PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled
MediumCVE-2022-00292025-11-10
CVE-2022-0029 Cortex XDR Agent: Improper Link Resolution Vulnerability When Generating a Tech Support File
HighCVE-2021-30562025-11-09
CVE-2021-3056 PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication
MediumCVE-2025-21832025-08-15
CVE-2025-2183 GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation
MediumCVE-2025-21792025-07-31
CVE-2025-2179 GlobalProtect App: Non Admin User Can Disable the GlobalProtect App
MediumCVE-2025-01412025-07-12
CVE-2025-0141 GlobalProtect App: Privilege Escalation (PE) Vulnerability
LowCVE-2025-42272025-06-14
CVE-2025-4227 GlobalProtect App: Interception in Endpoint Traffic Policy Enforcement
HighCVE-2025-42322025-06-14
CVE-2025-4232 GlobalProtect: Authenticated Code Injection Through Wildcard on macOS
LowCVE-2025-01332025-05-16
CVE-2025-0133 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal
LowCVE-2025-01352025-05-16
CVE-2025-0135 GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App
MediumCVE-2025-01262025-04-12
CVE-2025-0126 PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login
MediumCVE-2025-01202025-04-12
CVE-2025-0120 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability

Showing up to 20 recent security advisories. View all →

This page lists every published CVE security advisory associated with Palo Alto Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.