CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2026-0300

Known Exploited (CISA KEV)HIGH
7.6
CVSS Severity Score
EPSS Score39.2150%
EPSS Percentile91.70th
Published2026年5月6日
Last Modified2026年6月12日

Vulnerability Description

Palo Alto Networks PAN-OS is vulnerable to Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability. Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Until the vendor releases an official fix, the following workaround should be implemented: - Restrict User-ID Authentication Portal access to only trusted zones. - Disable User-ID Authentication Portal if not required. 5/13/2026: Palo Alto has released a variety of patches. If these are relevant to your environment, please apply the designated patch.

Affected Platforms (CPE)

📦
Palo Alto Networks

PAN-OS

Refer to description

相關漏洞威脅

CVE-2020-202110.0

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option i...

CVE-2012-659210.0

Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute arbitrary commands via unspecifi...

CVE-2019-1744010.0

Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Manage...

CVE-2012-659310.0

Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote attackers to execute arbitrary commands via unspecifi...