CVE-2026-0272
published 2026-06-10CVE-2026-0272: A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface…
PriorityP337medium6CVSS 4.0
AVNACLATNPRHUINVCHVIHVANSCNSINSANEUCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUNRUVCREMUAmber
EPSS
0.24%
15.2th percentile
A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges.
The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).
Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | pan-os | >= 10.2.0 < 10.2.7-h35 | 10.2.7-h35 |
| palo_alto_networks | pan-os | >= 11.1.0 < 11.1.4-h34 | 11.1.4-h34 |
| palo_alto_networks | pan-os | >= 11.2.0 < 11.2.4-h18 | 11.2.4-h18 |
| palo_alto_networks | pan-os | >= 12.1.0 < 12.1.4-h7 | 12.1.4-h7 |
| paloalto | cloud_ngfw | — | — |
| paloalto | pan-os | — | — |
| paloalto | prisma_access | — | — |
CVSS provenance
nvdv4.06.0MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber
vendor_redhat9.2CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with
ghsa_unreviewed·2026-06-11
CVE-2026-0272 [MEDIUM] CWE-862 A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with
A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges.
The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).
Cloud NGFW, and Prisma® Access are n
Red Hat
vim: Vim: Arbitrary code execution via crafted file
vendor_redhat·2026-03-30·CVSS 9.2
CVE-2026-34714 [CRITICAL] CWE-917 vim: Vim: Arbitrary code execution via crafted file
vim: Vim: Arbitrary code execution via crafted file
Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE.
A flaw was found in Vim. This vulnerability allows an attacker to execute malicious code on a user's system. This occurs when a user opens a specially crafted file, leading to immediate code execution due to a vulnerability in how Vim handles expressions within its tabpanel feature.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Package: vim (Red Hat Enter
Palo Alto
PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)
vendor_paloalto·CVSS 6.0
CVE-2026-0272 [MEDIUM] CWE-862 PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)
PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)
A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges.
The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431).
This issue is applicable to PAN-OS software on PA-Series and VM-Series fir
No detection rules found.
No public exploits indexed.
2026-06-10
Published