CVE-2026-0249
published 2026-05-13

CVE-2026-0249: Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enable an attacker to intercept encrypted communications…

Priority: P423; medium, 4.9 (CVSS 4.0)
EPSS: 0.11% (1.6th percentile)
Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enable an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subnet to redirect traffic to an unauthorized server and facilitate the installation of malicious software. The GlobalProtect app on Linux, Windows and iOS and the GlobalProtect UWP app are not affected.

Affected

6 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | globalprotect_app | >= 6.0.0 < 6.0.14 | 6.0.14 |
| palo_alto_networks | globalprotect_app | >= 6.0.0 < 6.0.13 | 6.0.13 |
| palo_alto_networks | globalprotect_app | >= 6.1.0 < 6.1.13 | 6.1.13 |
| palo_alto_networks | globalprotect_app | >= 6.2.0 < 6.2.8-h10 (6.2.8-948) | 6.2.8-h10 (6.2.8-948) |
| palo_alto_networks | globalprotect_app | >= 6.3.0 < 6.3.3-h9 (6.3.3-999) | 6.3.3-h9 (6.3.3-999) |
| paloalto | globalprotect_app | | |

CVSS provenance

| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v4.0 | 4.9 | MEDIUM | CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber |
| cisa | | 8.8 | HIGH | |