
CVSS: 4.9 • EPSS: 0% • CPEs: 3 • EXPL: 0

13 May 2026 — Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enable an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subnet to redirect traffic to an unauthorized server and facilitate the installation of malicious software. The GlobalProtect app on Linux, Windows, iOS and GlobalProtect UWP app are not affected. • https://security.paloaltonetworks.com/CVE-2026-0249 • CWE-295: Improper Certificate Validation •

CVSS: 5.2 • EPSS: 0% • CPEs: 4 • EXPL: 0

13 May 2026 — A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway. The GlobalProtect app on iOS is not affected. • https://security.paloaltonetworks.com/CVE-2026-0250 • CWE-787: Out-of-bounds Write •

CVSS: 5.9 • EPSS: 0% • CPEs: 3 • EXPL: 0

13 May 2026 — Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect™ app allow a local user to escalate their privileges to NT AUTHORITY\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative privileges. The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. • https://security.paloaltonetworks.com/CVE-2026-0251 • CWE-426: Untrusted Search Path •

CVSS: 9.3 • EPSS: 0% • CPEs: 2 • EXPL: 0

13 Aug 2025 — An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint. • https://security.paloaltonetworks.com/CVE-2025-2183 • CWE-295: Improper Certificate Validation •

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

29 Jul 2025 — An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on Linux devices enables a locally authenticated non-administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on Windows, macOS, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. • https://security.paloaltonetworks.com/CVE-2025-2179 • CWE-266: Incorrect Privilege Assignment •

CVSS: 8.4 • EPSS: 0% • CPEs: 1 • EXPL: 0

09 Jul 2025 — An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. • https://security.paloaltonetworks.com/CVE-2025-0141 • CWE-426: Untrusted Search Path •

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

09 Jul 2025 — An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS and Linux devices enables a locally authenticated non-administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on Windows, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. • https://security.paloaltonetworks.com/CVE-2025-0140 • CWE-266: Incorrect Privilege Assignment •

CVSS: 3.6 • EPSS: 0% • CPEs: 2 • EXPL: 0

13 Jun 2025 — An improper access control vulnerability in the Endpoint Traffic Policy Enforcement feature (https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement) of the Palo Alto Networks GlobalProtect™ app allows certain packets to remain unencrypted instead of being properly secured within the tunnel. An attacker with physical access to the network can inject rogue devices to intercept these packets. Under normal operating co... • https://security.paloaltonetworks.com/CVE-2025-4227 • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 9.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

12 Jun 2025 — An improper neutralization of wildcards vulnerability in the log collection feature of the Palo Alto Networks GlobalProtect™ app on macOS allows a non-administrative user to escalate their privileges to root. • https://security.paloaltonetworks.com/CVE-2025-4232 • CWE-155: Improper Neutralization of Wildcards or Matching Symbols •

CVSS: 5.2 • EPSS: 0% • CPEs: 2 • EXPL: 0

14 May 2025 — An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non-administrative user to disable the app. The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. • https://security.paloaltonetworks.com/CVE-2025-0135 • CWE-266: Incorrect Privilege Assignment •