Security Alert (A26-05-24): Multiple Vulnerabilities in Palo Alto Products


 

Published on: 14 May 2026

Description:

Palo Alto has published the security advisories to address multiple vulnerabilities in several Palo Alto products. The detailed information about the vulnerabilities can be found at:
https://security.paloaltonetworks.com/CVE-2026-0249
https://security.paloaltonetworks.com/CVE-2026-0250
https://security.paloaltonetworks.com/CVE-2026-0251
https://security.paloaltonetworks.com/CVE-2026-0256
https://security.paloaltonetworks.com/CVE-2026-0257
https://security.paloaltonetworks.com/CVE-2026-0258
https://security.paloaltonetworks.com/CVE-2026-0261
https://security.paloaltonetworks.com/CVE-2026-0262
https://security.paloaltonetworks.com/CVE-2026-0263
https://security.paloaltonetworks.com/CVE-2026-0264
https://security.paloaltonetworks.com/CVE-2026-0265

 

Affected Systems:

  • GlobalProtect App 6.0 versions prior to 6.0.14 on Android, 6.0.14 on ChromeOS, 6.0.13 on macOS, 6.0.11 on Linux, 6.0.13 on Windows
  • GlobalProtect App 6.1 versions prior to 6.1.13 on Android, 6.1.13 on ChromeOS
  • GlobalProtect App 6.2 versions prior to 6.2.8-h10 (6.2.8-948) on macOS, 6.2.8-h10 (6.2.8-948) on Windows
  • GlobalProtect App 6.3 versions prior to 6.3.3-h9 (6.3.3-999) on macOS, 6.3.3-h2 (6.3.3-42) on Linux, 6.3.3-h9 (6.3.3-999) on Windows
  • GlobalProtect UWP App 6.3 versions prior to 6.3.3-h10 on Windows
  • PAN-OS 10.2 versions prior to 10.2.7-h34, 10.2.10-h36, 10.2.13-h21, 10.2.16-h7, 10.2.18-h6
  • PAN-OS 11.1 versions prior to 11.1.4-h33, 11.1.6-h32, 11.1.7-h6, 11.1.10-h25, 11.1.13-h5, 11.1.15
  • PAN-OS 11.2 versions prior to 11.2.4-h17, 11.2.7-h14, 11.2.10-h7, 11.2.12
  • PAN-OS 12.1 versions prior to 12.1.4-h6, 12.1.7
  • Prisma Access 10.2.0 versions prior to 10.2.10-h36
  • Prisma Access 11.2.0 versions prior to 11.2.7-h13

For detailed information of the affected systems, please refer to the corresponding security advisories at vendor's website.

 

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service, elevation of privilege or security restriction bypass on an affected system.

 

Recommendation:

Patches for affected systems are now available. For detailed information of the available patches, please refer to the section "Solution" of corresponding security advisory at vendor's website.

System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://security.paloaltonetworks.com/CVE-2026-0249
  • https://security.paloaltonetworks.com/CVE-2026-0250
  • https://security.paloaltonetworks.com/CVE-2026-0251
  • https://security.paloaltonetworks.com/CVE-2026-0256
  • https://security.paloaltonetworks.com/CVE-2026-0257
  • https://security.paloaltonetworks.com/CVE-2026-0258
  • https://security.paloaltonetworks.com/CVE-2026-0261
  • https://security.paloaltonetworks.com/CVE-2026-0262
  • https://security.paloaltonetworks.com/CVE-2026-0263
  • https://security.paloaltonetworks.com/CVE-2026-0264
  • https://security.paloaltonetworks.com/CVE-2026-0265
  • https://www.hkcert.org/security-bulletin/palo-alto-products-multiple-vulnerabilities_20260514
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0249 (to CVE-2026-0251)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0256 (to CVE-2026-0258)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0261 (to CVE-2026-0265)


Tag: Palo Alto
Tags