Palo Alto security advisories
19 threat alerts tracking vulnerabilities and security advisories that affect Palo Alto products.
Vulnios monitors Palo Alto CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent Palo Alto security news in one place, or click into an individual alert for full detail.
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
The Hacker News published an news on "Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw". Topic areas: zero-day, malware, ransomware, data-breach. Published June 15, 2026. See th
criticalSplunk, Palo Alto Networks Patch Severe Vulnerabilities
The security defects could allow attackers to create or modify arbitrary files and access and modify protected resources. The post Splunk, Palo Alto Networks Patch Severe Vulnerabilities appeared firs
criticalRecent Palo Alto Networks Vulnerability Exploited for Weeks
Hackers began exploiting CVE-2026-0257, an authentication bypass in Palo Alto Networks PAN-OS, four days after public disclosure. The post Recent Palo Alto Networks Vulnerability Exploited for Weeks a
criticalCVE-2026-0257Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
BleepingComputer published an news on "Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks". Topic areas: ransomware, malware, data-breach, zero-day. Published May 30, 2026. See the
criticalCISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-0257 Palo Alto Networks PAN-OS Authentication Bypass Vulne
criticalCVE-2026-0257Siemens RUGGEDCOM APE1808 Devices
View CSAF Summary A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute
criticalCVE-2026-0300Rapid7 Blog Advisory — May 14, 2026
OverviewOn May 13, 2026, Palo Alto Networks published a security advisory for CVE-2026-0265, a signature verification vulnerability that facilitates authentication bypass on PAN-OS, the operating syst
criticalCVE-2026-0265Siemens Ruggedcom Rox
View CSAF Summary Ruggedcom Rox contains an improper access control vulnerability that could allow an authenticated remote attacker to read arbitrary files with root privileges from the underlying ope
criticalCVE-2025-40948Siemens Ruggedcom Rox
View CSAF Summary Ruggedcom Rox contains an input validation vulnerability in the Scheduler functionality that could allow an authenticated remote attacker to execute arbitrary commands with root priv
criticalCVE-2025-40949Siemens Ruggedcom Rox
View CSAF Summary Ruggedcom Rox contains an input validation vulnerability in the feature key installation process that could allow an authenticated remote attacker to execute arbitrary commands with
criticalCVE-2025-40947Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
The cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was. The post Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese Sta
criticalPalo Alto Networks firewall zero-day exploited for nearly a month
BleepingComputer published an news on "Palo Alto Networks firewall zero-day exploited for nearly a month". Topic areas: ransomware, malware, data-breach, zero-day. Published May 7, 2026. See the origi
criticalCISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-0300 Palo Alto Networks PAN-OS Out-of-bounds Write Vulnera
criticalCVE-2026-0300Rapid7 Blog Advisory — May 6, 2026
OverviewOn May 6, 2026, Palo Alto Networks published a security advisory for CVE-2026-0300, a critical unauthenticated buffer overflow vulnerability affecting PAN-OS PA-Series and VM-Series firewall a
criticalCVE-2026-0300Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
criticalPalo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
criticalPalo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls
CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls. The post Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls appeared first on SecurityW
criticalCVE-2026-0300Cybersecurity M&A Roundup: 33 Deals Announced in April 2026
Significant cybersecurity M&A deals announced by Airbus, Cyera, Fortra, Palo Alto Networks, Silverfort, and Socket. The post Cybersecurity M&A Roundup: 33 Deals Announced in April 2026 appeared first
criticalAI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers
Palo Alto Networks has developed Zealot, a multi-agent penetration testing PoC capable of reconnaissance, exploitation, and exfiltration. The post AI Can Autonomously Hack Cloud Systems With Minimal O
critical
Track Palo Alto exposure across your environment
Vulnios automatically cross-references your asset inventory against new Palo Alto CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan