Security Alert (A26-06-24): Multiple Vulnerabilities in Palo Alto Products


 

Published on: 11 June 2026

Description:

Palo Alto has published the security advisories to address multiple vulnerabilities in several Palo Alto products. The detailed information about the vulnerabilities can be found at:
https://security.paloaltonetworks.com/CVE-2026-0266
https://security.paloaltonetworks.com/CVE-2026-0267
https://security.paloaltonetworks.com/CVE-2026-0268
https://security.paloaltonetworks.com/CVE-2026-0269
https://security.paloaltonetworks.com/CVE-2026-0270
https://security.paloaltonetworks.com/CVE-2026-0271
https://security.paloaltonetworks.com/CVE-2026-0272
https://security.paloaltonetworks.com/CVE-2026-0273
https://security.paloaltonetworks.com/CVE-2026-0274
https://security.paloaltonetworks.com/PAN-SA-2026-0008
https://security.paloaltonetworks.com/PAN-SA-2026-0009

 

Affected Systems:

  • Cortex XSOAR versions 8.10
  • Cortex XSOAR versions 8.11
  • Cortex XSOAR versions 8.12
  • Cortex XSOAR on Linux versions 8.13 prior to 8.13.0.11
  • Cortex XSOAR CommvaultSecurityIQ Marketplace versions 1.1.0 prior to 1.2.0
  • Cortex XSIAM CommvaultSecurityIQ Marketplace versions 1.1.0 prior to 1.2.0
  • GlobalProtect App on macOS versions 6.2 prior to 6.2.8-h2
  • GlobalProtect App on macOS versions 6.3 prior to 6.3.3-h1
  • PAN-OS versions 10.2
  • PAN-OS versions 11.1 prior to 11.1.15
  • PAN-OS versions 11.2 prior to 11.2.12
  • PAN-OS versions 12.1 prior to 12.1.7
  • Prisma Access Agent on Linux versions prior to 26.2.1
  • Prisma Browser versions prior to 148.18.4.217

For detailed information of the affected systems, please refer to the corresponding security advisories at vendor's website.

 

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service, elevation of privilege, information disclosure, security restriction bypass, spoofing or tampering on an affected system.

 

Recommendation:

Patches for affected systems are now available. For detailed information of the available patches, please refer to the section "Solution" of corresponding security advisory at vendor's website.

System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://security.paloaltonetworks.com/CVE-2026-0266
  • https://security.paloaltonetworks.com/CVE-2026-0267
  • https://security.paloaltonetworks.com/CVE-2026-0268
  • https://security.paloaltonetworks.com/CVE-2026-0269
  • https://security.paloaltonetworks.com/CVE-2026-0270
  • https://security.paloaltonetworks.com/CVE-2026-0271
  • https://security.paloaltonetworks.com/CVE-2026-0272
  • https://security.paloaltonetworks.com/CVE-2026-0273
  • https://security.paloaltonetworks.com/CVE-2026-0274
  • https://security.paloaltonetworks.com/PAN-SA-2026-0008
  • https://security.paloaltonetworks.com/PAN-SA-2026-0009
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0266 (to CVE-2026-0274)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8509 (to CVE-2026-8587)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9110 (to CVE-2026-9118)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9120 (to CVE-2026-9121)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9123 (to CVE-2026-9124)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9126
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9872 (to CVE-2026-10022)


Tag: Palo Alto
Tags