Product
low
threat
CVE-2026-0279 PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities
2 TTPsPalo Alto Networks has disclosed multiple low-severity cross-site scripting (XSS) vulnerabilities, CVE-2026-0279, in PAN-OS software affecting the User-ID Authentication Portal, GlobalProtect gateway/portal features, and Clientless VPN, which could allow a malicious unauthenticated user to inject and execute JavaScript in a victim's browser.
exploited
PAN-OS 12.1 +8
xss
vulnerability
firewall
network-device
web-application
2t
low
threat
CVE-2026-0282 PAN-OS: Unauthenticated File Deletion Vulnerability
An unauthenticated attacker with network access to the management web interface of Palo Alto Networks PAN-OS software can exploit CVE-2026-0282, a file deletion vulnerability, to delete files from a temporary directory, impacting PA-Series and VM-Series firewalls, and Panorama appliances.
exploited
PAN-OS 12.1 +6
vulnerability
pan-os
network-device
file-deletion