363
CVEs
42
Critical
113
High
14
KEV
25
PoC
143
Unpatched C/H
14.0%
Patch Rate
4.1%
Avg EPSS
Severity Breakdown
CRITICAL
42
HIGH
113
MEDIUM
175
LOW
29
Monthly CVE Trend
Affected Products (30)
Pan Os
217
Globalprotect
27
Prisma Access
17
Cortex Xdr Agent
15
Windows
13
Cloud Ngfw
12
Expedition
12
Cortex Xsoar
8
macOS
7
Jwt Attack
5
Globalprotect App
4
Android
4
Traps
4
Prisma Browser
4
Chrome
4
Prisma Cloud
3
Terminal Services Agent
3
PHP
2
Globalprotect Uwp App
2
Prisma Sd Wan Ion
2
Fedora
2
Prisma Access Agent
2
Session Fixation
2
Global Protect App
1
Wildfire Wf 500 And Wf 500 B
1
Autonomous Digital Experience Manager
1
Netconnect
1
Python
1
Expedition Migration Tool
1
Broker Vm
1
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2017-15944 | Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | CRITICAL | 9.8 | 94.0% | 228 |
KEV
PoC
No patch
|
| CVE-2025-0108 | Palo Alto Networks PAN-OS management web interface contains an authentication bypass allowing unauthenticated attackers to invoke PHP scripts, potentially leading to system compromise when chained with other vulnerabilities. | HIGH | 8.8 | 94.1% | 208 |
KEV
PoC
No patch
|
| CVE-2025-0107 | Palo Alto Networks Expedition contains an unauthenticated OS command injection vulnerability that allows attackers to execute arbitrary commands as the www-data user. Successful exploitation exposes firewall usernames, cleartext passwords, device configurations, and API keys for PAN-OS managed firewalls. | HIGH | 7.7 | 79.8% | 138 |
PoC
No patch
|
| CVE-2026-0300 | Remote code execution in Palo Alto Networks PAN-OS User-ID Authentication Portal (Captive Portal) allows unauthenticated attackers to execute arbitrary code with root privileges on PA-Series and VM-Series firewalls via specially crafted packets. CISA KEV confirms active exploitation in the wild with publicly available exploit code. EPSS risk assessment is not provided, but the vulnerability achieves maximum impact with minimal attack complexity (CVSS 9.3, AV:N/AC:L/PR:N), making this a critical priority for immediate remediation. The attack surface is significantly reduced when access to the portal is restricted to trusted internal networks per vendor best practices. | CRITICAL | 9.3 | 14.9% | 136 |
KEV
PoC
|
| CVE-2016-9150 | Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 62.8%. | CRITICAL | 9.8 | 62.8% | 132 |
PoC
No patch
|
| CVE-2026-0257 | Authentication bypass in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS allows remote attackers to establish unauthorized VPN connections without valid credentials. The flaw is confirmed actively exploited (CISA KEV) and publicly available exploit code exists, though EPSS remains low at 0.05%, suggesting targeted rather than mass exploitation. Panorama and Cloud NGFW deployments are not affected, but PAN-OS firewalls and Prisma Access tenants running vulnerable trains are exposed. | HIGH | 7.8 | 0.1% | 109 |
KEV
PoC
|
| CVE-2025-0111 | Palo Alto Networks PAN-OS management interface contains an authenticated file read vulnerability allowing reading of files accessible to the 'nobody' user, exploited alongside CVE-2025-0108 for configuration extraction. | HIGH | 7.1 | 3.6% | 89 |
KEV
No patch
|
| CVE-2024-5910 | Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.3 | 91.8% | 82 |
KEV
PoC
No patch
|
| CVE-2024-0012 | An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.3 | 99.7% | 82 |
KEV
PoC
No patch
|
| CVE-2020-2038 | An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 7.2 | 86.1% | 71 |
PoC
No patch
|
| CVE-2024-9463 | An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames,. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | CRITICAL | 9.9 | 98.4% | 70 |
KEV
PoC
No patch
|
| CVE-2024-9474 | A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | MEDIUM | 6.9 | 94.8% | 70 |
KEV
PoC
No patch
|
| CVE-2018-10143 | The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 24.8% | 69 |
PoC
No patch
|
| CVE-2024-9465 | An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations,. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.2 | 99.6% | 66 |
KEV
PoC
No patch
|
| CVE-2020-2036 | A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.8 | 23.9% | 64 |
PoC
No patch
|