cvelistv5 - cve-2026-0248

CVE-2026-0248 (GCVE-0-2026-0248)

Vulnerability from cvelistv5

Published

2026-05-13 19:05

Modified

2026-05-13 19:29

Severity ?

6.2 (Medium) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:U/AU:Y/R:A/V:D/RE:M/U:Amber

CWE

CWE-295 - Improper Certificate Validation

Summary

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information. The Prisma Access Agent on macOS, Windows, Linux and iOS are not affected.

References

URL

Tags

https://security.paloaltonetworks.com/CVE-2026-0248

vendor-advisory

Impacted products

Vendor

Product

Version

Palo Alto Networks

Prisma Access Agent

Version: 0 < 26.2.1

Palo Alto Networks

Prisma Access Agent

Patch: All

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0248",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-13T19:17:42.438347Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-13T19:29:24.329Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Android",
            "Chrome OS"
          ],
          "product": "Prisma Access Agent",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "26.2.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "26.2.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "iOS",
            "Linux",
            "macOS",
            "Windows"
          ],
          "product": "Prisma Access Agent",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eNo special configuration is required.\u003c/p\u003e"
            }
          ],
          "value": "No special configuration is required."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:prisma_access_agent:*:*:android:*:*:*:*:*",
                  "versionEndExcluding": "26.2.1",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:prisma_access_agent:*:*:chrome_os:*:*:*:*:*",
                  "versionEndExcluding": "26.2.1",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:prisma_access_agent:all:*:ios:*:*:*:*:*",
                  "vulnerable": false
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:prisma_access_agent:all:*:linux:*:*:*:*:*",
                  "vulnerable": false
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:prisma_access_agent:all:*:macos:*:*:*:*:*",
                  "vulnerable": false
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:prisma_access_agent:all:*:windows:*:*:*:*:*",
                  "vulnerable": false
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "other",
          "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue."
        }
      ],
      "datePublic": "2026-05-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn improper certificate validation vulnerability in the Prisma Access Agent\u00ae for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information.\u003c/p\u003e\u003cp\u003eThe Prisma Access Agent on macOS, Windows, Linux and iOS are not affected.\u003c/p\u003e"
            }
          ],
          "value": "An improper certificate validation vulnerability in the Prisma Access Agent\u00ae for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information.\n\n\n\nThe Prisma Access Agent on macOS, Windows, Linux and iOS are not affected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-94",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-94 Adversary in the Middle (AiTM)"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:U/AU:Y/R:A/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-13T19:05:00.190Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2026-0248"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable class=\"tbl\"\u003e\u003ctr\u003e\u003ctd\u003eVersion\u003c/td\u003e\u003ctd\u003eMinor Version\u003c/td\u003e\u003ctd\u003eSuggested Solution\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access Agent on Android\u003c/td\u003e\u003ctd\u003e25.0 through 26.2\u003c/td\u003e\u003ctd\u003eUpgrade to 26.2.1 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access Agent Chrome OS\u003c/td\u003e\u003ctd\u003e25.0 through 26.2\u003c/td\u003e\u003ctd\u003eUpgrade to 26.2.1 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access Agent on iOS\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access Agent on Linux\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access Agent on macOS\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access Agent on Windows\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003c/table\u003e"
            }
          ],
          "value": "Version  Minor Version  Suggested Solution\nPrisma Access Agent on Android  25.0 through 26.2  Upgrade to 26.2.1 or later.\nPrisma Access Agent Chrome OS  25.0 through 26.2  Upgrade to 26.2.1 or later.\nPrisma Access Agent on iOS    No action needed\nPrisma Access Agent on Linux    No action needed\nPrisma Access Agent on macOS    No action needed\nPrisma Access Agent on Windows    No action needed"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-13T16:00:00.000Z",
          "value": "Initial publication."
        }
      ],
      "title": "Prisma Access Agent: Improper Certificate Validation Vulnerability",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eNo known workarounds exist for this issue.\u003c/p\u003e"
            }
          ],
          "value": "No known workarounds exist for this issue."
        }
      ],
      "x_affectedList": [
        "Prisma Access Agent   26.2.0"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0248",
    "datePublished": "2026-05-13T19:05:00.190Z",
    "dateReserved": "2025-11-03T20:44:09.168Z",
    "dateUpdated": "2026-05-13T19:29:24.329Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CERTFR-2026-AVI-0596

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

L'éditeur indique que des correctifs seront publiés le 28 mai 2026.

Impacted products

Vendor	Product	Description
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 12.1.4 antérieures à 12.1.4-h5
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.0.x antérieures à 6.0.14 pour Android et ChromeOS
Palo Alto Networks	Prisma Access Browser	Prisma Access versions 10.2.x antérieures à 10.2.10-h36
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.12
Palo Alto Networks	N/A	Prisma SD-WAN ION versions 6.3.x antérieures à 6.3.6-b10
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.1.13 antérieures à 11.1.13-h5
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.0.x antérieures à 6.0.11 pour Linux
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.2.10 antérieures à 11.2.10-h6
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.1.x antérieures à 6.1.13 pour Android et ChomeOS
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.7 antérieures à 11.2.7-h14
Palo Alto Networks	Prisma Access Browser	Prisma Access Agent versions 25.x et 26.x antérieures à 26.2.1 pour Android et ChromeOS
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 10.2.7 antérieures à 10.2.7-h34
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.4 antérieures à 11.2.4-h17
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.1.6 antérieures à 11.1.6-h32
Palo Alto Networks	N/A	Prisma SD-WAN ION versions 6.5.x antérieures à 6.5.3-b15
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 10.2.13 antérieures à 10.2.13-h21
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.15
Palo Alto Networks	N/A	Prisma SD-WAN ION versions 6.4.x antérieures à 6.4.3-b8
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.7 antérieures à 10.2.7-h34
Palo Alto Networks	N/A	Chronosphere Chronocollector versions antérieures à v0.116.0
Palo Alto Networks	PAN-OS	PAN-OS versions 12.1.7
Palo Alto Networks	N/A	Broker VM versions 30.0.x antérieures à 30.0.24
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.1.7 antérieures à 11.1.7-h6
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.1.10 antérieures à 11.1.10-h25
Palo Alto Networks	N/A	Trust Protection Foundation versions 24.1.x antérieures à 24.1.13
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.10 antérieures à 11.1.10-h25
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.2.12
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.10 antérieures à 11.2.10-h7
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.0.x antérieures à 6.0.13 pour macOS et Windows
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.16 antérieures à 10.2.16-h7
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.7 antérieures à 11.1.7-h6
Palo Alto Networks	PAN-OS	PAN-OS versions 12.1.4 antérieures à 12.1.4-h5
Palo Alto Networks	Prisma Access Browser	Prisma Browser versions antérieures à 148.6.3.96
Palo Alto Networks	N/A	Trust Protection Foundation versions 24.3.x antérieures à 24.3.6
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.1.4 antérieures à 11.1.4-h33
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.4 antérieures à 11.1.4-h33
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 10.2.10 antérieures à 10.2.10-h36
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 10.2.18 antérieures à 10.2.18-h6
Palo Alto Networks	N/A	Trust Protection Foundation versions 25.3.x antérieures à 25.3.3
Palo Alto Networks	PAN-OS	PAN-OS versions 12.1.4 antérieures à 12.1.4-h6
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.10 antérieures à 11.2.10-h6
Palo Alto Networks	Prisma Access Browser	Prisma Access Agent (Endpoint DLP) versions 25.x à 26.x antérieures à 26.2.1 pour Windows et macOS
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.18 antérieures à 10.2.18-h6
Palo Alto Networks	Prisma Access Browser	Prisma Access versions 11.2.x antérieures à 11.2.7-h13
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 10.2.16 antérieures à 10.2.16-h7
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.3.x antérieures à 6.3.3-h2 pour Linux
Palo Alto Networks	N/A	GlobalProtect UWP App versions 6.3 antérieures à 6.3.3-h10
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.1.15
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.3.x antérieures à 6.3.3-h10 pour Windows et macOS
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.2.7 antérieures à 11.2.7-h13
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.2.x antérieures à 6.2.8-h10 (6.2.8-948)
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 11.2.4 antérieures à 11.2.4-h17
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.6 antérieures à 11.1.6-h32
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.13 antérieures à 11.1.13-h5
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.10 antérieures à 10.2.10-h36
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.7 antérieures à 11.2.7-h13
Palo Alto Networks	N/A	WildFire WF-500 et WF-500-B versions 12.1.7
Palo Alto Networks	N/A	Trust Protection Foundation versions 25.1.x antérieures à 25.1.8
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.13 antérieures à 10.2.13-h21

References

Title

Publication Time

Tags

Bulletin de sécurité Palo Alto Networks CVE-2026-0242	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0251	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0238	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0263	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0259	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0257	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0262	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0243	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0247	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0261	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0240	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0239	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0248	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0246	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-SA-2026-0007	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0265	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0250	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0264	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0256	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0241	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0245	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0258	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0249	2026-05-13	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0244	2026-05-13	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "WildFire WF-500 et WF-500-B versions 12.1.4 ant\u00e9rieures \u00e0 12.1.4-h5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.0.x ant\u00e9rieures \u00e0 6.0.14 pour Android et ChromeOS",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access versions 10.2.x ant\u00e9rieures \u00e0 10.2.10-h36",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.12",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma SD-WAN ION versions 6.3.x ant\u00e9rieures \u00e0 6.3.6-b10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.1.13 ant\u00e9rieures \u00e0 11.1.13-h5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.0.x ant\u00e9rieures \u00e0 6.0.11 pour Linux",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.2.10 ant\u00e9rieures \u00e0 11.2.10-h6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.1.x ant\u00e9rieures \u00e0 6.1.13 pour Android et ChomeOS",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.7 ant\u00e9rieures \u00e0 11.2.7-h14",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access Agent versions 25.x et 26.x ant\u00e9rieures \u00e0 26.2.1 pour Android et ChromeOS",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 10.2.7 ant\u00e9rieures \u00e0 10.2.7-h34",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.4 ant\u00e9rieures \u00e0 11.2.4-h17",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.1.6 ant\u00e9rieures \u00e0 11.1.6-h32",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma SD-WAN ION versions 6.5.x ant\u00e9rieures \u00e0 6.5.3-b15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 10.2.13 ant\u00e9rieures \u00e0 10.2.13-h21",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.15",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma SD-WAN ION versions 6.4.x ant\u00e9rieures \u00e0 6.4.3-b8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.7 ant\u00e9rieures \u00e0 10.2.7-h34",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Chronosphere Chronocollector  versions ant\u00e9rieures \u00e0 v0.116.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 12.1.7",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Broker VM versions 30.0.x ant\u00e9rieures \u00e0 30.0.24",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.1.7 ant\u00e9rieures \u00e0 11.1.7-h6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.1.10 ant\u00e9rieures \u00e0 11.1.10-h25",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Trust Protection Foundation versions 24.1.x ant\u00e9rieures \u00e0 24.1.13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.10 ant\u00e9rieures \u00e0 11.1.10-h25",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.2.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.10 ant\u00e9rieures \u00e0 11.2.10-h7",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.0.x ant\u00e9rieures \u00e0 6.0.13 pour macOS et Windows",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.16 ant\u00e9rieures \u00e0 10.2.16-h7",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.7 ant\u00e9rieures \u00e0 11.1.7-h6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 12.1.4 ant\u00e9rieures \u00e0 12.1.4-h5",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Browser versions ant\u00e9rieures \u00e0 148.6.3.96",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Trust Protection Foundation versions 24.3.x ant\u00e9rieures \u00e0 24.3.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.1.4 ant\u00e9rieures \u00e0 11.1.4-h33",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.4 ant\u00e9rieures \u00e0 11.1.4-h33",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 10.2.10 ant\u00e9rieures \u00e0 10.2.10-h36",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 10.2.18 ant\u00e9rieures \u00e0 10.2.18-h6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Trust Protection Foundation versions 25.3.x ant\u00e9rieures \u00e0 25.3.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 12.1.4 ant\u00e9rieures \u00e0 12.1.4-h6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.10 ant\u00e9rieures \u00e0 11.2.10-h6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access Agent (Endpoint DLP) versions 25.x \u00e0 26.x ant\u00e9rieures \u00e0 26.2.1 pour Windows et macOS",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.18 ant\u00e9rieures \u00e0 10.2.18-h6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access versions 11.2.x ant\u00e9rieures \u00e0 11.2.7-h13",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 10.2.16 ant\u00e9rieures \u00e0 10.2.16-h7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.3.x ant\u00e9rieures \u00e0 6.3.3-h2 pour Linux",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect UWP App versions 6.3 ant\u00e9rieures \u00e0 6.3.3-h10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.1.15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.3.x ant\u00e9rieures \u00e0 6.3.3-h10 pour Windows et macOS",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.2.7 ant\u00e9rieures \u00e0 11.2.7-h13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.2.x ant\u00e9rieures \u00e0 6.2.8-h10 (6.2.8-948)",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 11.2.4 ant\u00e9rieures \u00e0 11.2.4-h17",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.6 ant\u00e9rieures \u00e0 11.1.6-h32",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.13 ant\u00e9rieures \u00e0 11.1.13-h5",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.10 ant\u00e9rieures \u00e0 10.2.10-h36",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.7 ant\u00e9rieures \u00e0 11.2.7-h13",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "WildFire WF-500 et WF-500-B versions 12.1.7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Trust Protection Foundation versions 25.1.x ant\u00e9rieures \u00e0 25.1.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.13 ant\u00e9rieures \u00e0 10.2.13-h21",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "L\u0027\u00e9diteur indique que des correctifs seront publi\u00e9s le 28 mai 2026.",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-4678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4678"
    },
    {
      "name": "CVE-2026-4448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4448"
    },
    {
      "name": "CVE-2026-5914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5914"
    },
    {
      "name": "CVE-2026-5289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5289"
    },
    {
      "name": "CVE-2026-4460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4460"
    },
    {
      "name": "CVE-2026-5886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5886"
    },
    {
      "name": "CVE-2026-4445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4445"
    },
    {
      "name": "CVE-2026-5278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5278"
    },
    {
      "name": "CVE-2026-4444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4444"
    },
    {
      "name": "CVE-2026-4673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4673"
    },
    {
      "name": "CVE-2026-0264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0264"
    },
    {
      "name": "CVE-2026-0241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0241"
    },
    {
      "name": "CVE-2026-0251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0251"
    },
    {
      "name": "CVE-2026-4456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4456"
    },
    {
      "name": "CVE-2026-5272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5272"
    },
    {
      "name": "CVE-2026-7359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-7359"
    },
    {
      "name": "CVE-2026-4464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4464"
    },
    {
      "name": "CVE-2026-8022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-8022"
    },
    {
      "name": "CVE-2026-7361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-7361"
    },
    {
      "name": "CVE-2026-5291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5291"
    },
    {
      "name": "CVE-2026-4457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4457"
    },
    {
      "name": "CVE-2026-4461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4461"
    },
    {
      "name": "CVE-2026-5876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5876"
    },
    {
      "name": "CVE-2026-6921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-6921"
    },
    {
      "name": "CVE-2026-4447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4447"
    },
    {
      "name": "CVE-2026-5284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5284"
    },
    {
      "name": "CVE-2026-5881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5881"
    },
    {
      "name": "CVE-2026-5282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5282"
    },
    {
      "name": "CVE-2026-0249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0249"
    },
    {
      "name": "CVE-2026-4442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4442"
    },
    {
      "name": "CVE-2026-0263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0263"
    },
    {
      "name": "CVE-2026-5283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5283"
    },
    {
      "name": "CVE-2026-4676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4676"
    },
    {
      "name": "CVE-2026-0265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0265"
    },
    {
      "name": "CVE-2026-4675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4675"
    },
    {
      "name": "CVE-2026-0244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0244"
    },
    {
      "name": "CVE-2026-0258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0258"
    },
    {
      "name": "CVE-2026-4446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4446"
    },
    {
      "name": "CVE-2026-4679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4679"
    },
    {
      "name": "CVE-2026-4674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4674"
    },
    {
      "name": "CVE-2026-0256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0256"
    },
    {
      "name": "CVE-2026-0261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0261"
    },
    {
      "name": "CVE-2026-5274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5274"
    },
    {
      "name": "CVE-2026-4463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4463"
    },
    {
      "name": "CVE-2026-5909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5909"
    },
    {
      "name": "CVE-2026-0243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0243"
    },
    {
      "name": "CVE-2026-0242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0242"
    },
    {
      "name": "CVE-2026-4441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4441"
    },
    {
      "name": "CVE-2026-0239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0239"
    },
    {
      "name": "CVE-2026-7981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-7981"
    },
    {
      "name": "CVE-2026-5276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5276"
    },
    {
      "name": "CVE-2026-6305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-6305"
    },
    {
      "name": "CVE-2026-0250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0250"
    },
    {
      "name": "CVE-2026-4439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4439"
    },
    {
      "name": "CVE-2026-5893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5893"
    },
    {
      "name": "CVE-2026-5285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5285"
    },
    {
      "name": "CVE-2026-4452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4452"
    },
    {
      "name": "CVE-2026-4462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4462"
    },
    {
      "name": "CVE-2026-4680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4680"
    },
    {
      "name": "CVE-2026-0237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0237"
    },
    {
      "name": "CVE-2026-4677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4677"
    },
    {
      "name": "CVE-2026-5919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5919"
    },
    {
      "name": "CVE-2026-6361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-6361"
    },
    {
      "name": "CVE-2026-0238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0238"
    },
    {
      "name": "CVE-2026-8018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-8018"
    },
    {
      "name": "CVE-2026-7363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-7363"
    },
    {
      "name": "CVE-2026-5273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5273"
    },
    {
      "name": "CVE-2026-4458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4458"
    },
    {
      "name": "CVE-2026-4459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4459"
    },
    {
      "name": "CVE-2026-0246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0246"
    },
    {
      "name": "CVE-2026-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4450"
    },
    {
      "name": "CVE-2026-5275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5275"
    },
    {
      "name": "CVE-2026-4455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4455"
    },
    {
      "name": "CVE-2026-0262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0262"
    },
    {
      "name": "CVE-2026-5280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5280"
    },
    {
      "name": "CVE-2026-5286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5286"
    },
    {
      "name": "CVE-2026-0257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0257"
    },
    {
      "name": "CVE-2026-5884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5884"
    },
    {
      "name": "CVE-2026-5287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5287"
    },
    {
      "name": "CVE-2026-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4449"
    },
    {
      "name": "CVE-2026-5277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5277"
    },
    {
      "name": "CVE-2026-7343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-7343"
    },
    {
      "name": "CVE-2026-5292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5292"
    },
    {
      "name": "CVE-2026-5290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5290"
    },
    {
      "name": "CVE-2026-0245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0245"
    },
    {
      "name": "CVE-2026-0248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0248"
    },
    {
      "name": "CVE-2026-0235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0235"
    },
    {
      "name": "CVE-2026-4451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4451"
    },
    {
      "name": "CVE-2026-4440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4440"
    },
    {
      "name": "CVE-2026-0247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0247"
    },
    {
      "name": "CVE-2026-0236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0236"
    },
    {
      "name": "CVE-2026-5281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5281"
    },
    {
      "name": "CVE-2026-0240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0240"
    },
    {
      "name": "CVE-2026-4443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4443"
    },
    {
      "name": "CVE-2026-5288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5288"
    },
    {
      "name": "CVE-2026-0259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0259"
    },
    {
      "name": "CVE-2026-5279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5279"
    },
    {
      "name": "CVE-2026-4453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4453"
    },
    {
      "name": "CVE-2026-4454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4454"
    }
  ],
  "initial_release_date": "2026-05-15T00:00:00",
  "last_revision_date": "2026-05-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0596",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-05-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection SQL (SQLi)"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
  "vendor_advisories": [
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0242",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0242"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0251",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0251"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0238",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0238"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0263",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0263"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0259",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0259"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0257",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0257"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0262",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0262"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0243",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0243"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0247",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0247"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0261",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0261"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0240",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0240"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0239",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0239"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0248",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0248"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0246",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0246"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2026-0007",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2026-0007"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0265",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0265"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0250",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0250"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0264",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0264"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0256",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0256"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0241",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0241"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0245",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0245"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0258",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0258"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0249",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0249"
    },
    {
      "published_at": "2026-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0244",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0244"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2026-0248 (GCVE-0-2026-0248)

Vulnerability from cvelistv5

CERTFR-2026-AVI-0596

Vulnerability from certfr_avis

Solutions

Tags

Sightings

Nomenclature