10
CVEs
0
Critical
1
High
0
KEV
0
PoC
1
Unpatched C/H
0.0%
Patch Rate
0.0%
Avg EPSS
Severity Breakdown
CRITICAL
0
HIGH
1
MEDIUM
2
LOW
3
Monthly CVE Trend
Affected Products (15)
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-0227 | Unauthenticated remote attackers can crash Palo Alto Networks PAN-OS firewalls through repeated requests, forcing the devices into maintenance mode and causing denial of service. This vulnerability affects Palo Alto firewalls and Prisma Access deployments with no available patch, creating ongoing operational risk. The attack requires no authentication or user interaction and can be exploited over the network. | HIGH | 7.5 | 0.0% | 38 |
No patch
|
| CVE-2025-20373 | In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the _internal index during the addition of new “Data Security Accounts“. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available. | LOW | 2.7 | 0.0% | 14 |
No patch
|
| CVE-2026-0229 | A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. | – | 0.0% | 0 |
No patch
|
|
| CVE-2026-0230 | A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection. | – | 0.0% | 0 |
No patch
|
|
| CVE-2026-0231 | An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. | – | 0.0% | 0 |
No patch
|
|
| CVE-2026-0228 | An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even if the PAN-OS configuration would not normally permit them to do so. | – | 0.0% | 0 |
No patch
|
|
| CVE-2025-4619 | A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | MEDIUM | 6.6 | 0.1% | – |
No patch
|
| CVE-2025-4616 | An insufficient validation of an untrusted input vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to revert the browser’s security controls. Rated low severity (CVSS 1.1), this vulnerability is low attack complexity. No vendor patch available. | LOW | 1.1 | 0.0% | – |
No patch
|
| CVE-2025-4617 | An insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows allows a locally authenticated non-admin user to bypass the screenshot control feature of the. Rated low severity (CVSS 1.1), this vulnerability is low attack complexity. No vendor patch available. | LOW | 1.1 | 0.0% | – |
No patch
|
| CVE-2025-4618 | A sensitive information disclosure vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to retrieve sensitive data from Prisma Browser. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available. | MEDIUM | 4.4 | 0.0% | – |
No patch
|