Main Vulnerability Database SB2026051512

SB2026051512 - Improper Certificate Validation in Palo Alto GlobalProtect App

Published: May 15, 2026

Security Bulletin ID SB2026051512

CSH Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Improper Certificate Validation (CVE-ID: CVE-2026-0249)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to improper certificate validation. A remote attacker on the local network can intercept encrypted communications and redirect traffic to an unauthorized server and facilitate the installation of malicious software.

Remediation

Install update from vendor's website.

References

https://security.paloaltonetworks.com/CVE-2026-0249