|
5521
|
- |
|
-
|
-
|
A race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally authenticated non-admin user to bypass certain access and data control policies.
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-0235
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5522
|
- |
|
-
|
-
|
A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to its AppleScript interface allowing a locally authenticated non-admin user to leverag…
|
CWE-94
Code Injection
|
CVE-2026-0236
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5523
|
- |
|
-
|
-
|
A vulnerability in Palo Alto Networks Broker VM allows an authenticated administrator to inject arbitrary content into certain Broker VM fields.
|
CWE-20
Improper Input Validation
|
CVE-2026-0238
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5524
|
- |
|
-
|
-
|
An information disclosure vulnerability in the Chronosphere Chronocollector enables an unauthenticated attacker with network access to the collector service to retrieve sensitive information.
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2026-0239
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5525
|
- |
|
-
|
-
|
An information disclosure vulnerability in Trust Protection Foundation enables an authenticated attacker to obtain sensitive information from the server's vault. Successful exploitation of this issue…
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2026-0240
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5526
|
- |
|
-
|
-
|
Incorrect Authorization vulnerabilities in Trust Protection Foundation allow attackers to bypass access controls and perform unauthorized actions on restricted resources.
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-0241
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5527
|
- |
|
-
|
-
|
A SQL injection vulnerability in Trust Protection Foundation allows an authenticated attacker to execute arbitrary SQL commands against the product database. Successful exploitation could allow an at…
|
CWE-89
SQL Injection
|
CVE-2026-0242
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5528
|
- |
|
-
|
-
|
An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle (MitM) attacker to impersonate the controller.
|
CWE-295
Improper Certificate Validation
|
CVE-2026-0244
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5529
|
- |
|
-
|
-
|
Multiple information disclosure vulnerabilities in Prisma Access Agent® allow a local user to access sensitive configuration data and credentials.
The Prisma Access Agent on Linux, ChromeOS, Andro…
|
CWE-200
Information Exposure
|
CVE-2026-0245
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5530
|
- |
|
-
|
-
|
A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on ma…
|
CWE-862
Missing Authorization
|
CVE-2026-0246
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
