CVE-2026-0250
published 2026-05-13

Priority: P4 31 | medium 5.2 (CVSS 4.0)
CVSS 4.0 vector: AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
EPSS: 0.21% (11.0th percentile)
A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway. The GlobalProtect app on iOS is not affected.

Affected

10 ranges

| Vendor | Product | Version range | Fixed in |
| --- | --- | --- | --- |
| palo_alto_networks | globalprotect_app | >= 6.0 < 6.0.13 | 6.0.13 |
| palo_alto_networks | globalprotect_app | >= 6.0 < 6.0.14 | 6.0.14 |
| palo_alto_networks | globalprotect_app | >= 6.0.0 < 6.0.11 | 6.0.11 |
| palo_alto_networks | globalprotect_app | >= 6.1 < 6.1.13 | 6.1.13 |
| palo_alto_networks | globalprotect_app | >= 6.2.0 < 6.2.8-h10 (6.2.8-948) | 6.2.8-h10 (6.2.8-948) |
| palo_alto_networks | globalprotect_app | >= 6.3.0 < 6.3.3-h9 (6.3.3-999) | 6.3.3-h9 (6.3.3-999) |
| palo_alto_networks | globalprotect_app | >= 6.3.0 < 6.3.3-h2 (6.3.3-42) | 6.3.3-h2 (6.3.3-42) |
| palo_alto_networks | globalprotect_uwp_app | >= 6.3 < 6.3.3-h10 | 6.3.3-h10 |
| paloalto | globalprotect_app | | |
| paloalto | globalprotect_uwp_app | | |