PAN-SA-2025-0003 Informational: PAN-OS BIOS and Bootloader Security Bulletin (Severity: INFORMATIONAL) July 19, 2025June 24, 2025
CVE-2025-0138 Prisma Cloud Compute Edition: Insufficient Session Expiration Vulnerability in the Web Interface (Severity: LOW) July 19, 2025June 23, 2025
CVE-2025-4227 GlobalProtect App: Interception in Endpoint Traffic Policy Enforcement (Severity: LOW) July 19, 2025June 13, 2025
CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface (Severity: MEDIUM) July 19, 2025June 12, 2025
CVE-2025-0115 PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI (Severity: MEDIUM) July 19, 2025June 12, 2025
CVE-2025-4231 PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface (Severity: MEDIUM) July 19, 2025June 11, 2025
CVE-2025-4228 Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability (Severity: LOW) July 19, 2025June 11, 2025
PAN-SA-2025-0011 Chromium and Prisma Access Browser: Monthly Vulnerability Update (June 2025) (Severity: HIGH) July 19, 2025June 11, 2025
PAN-SA-2025-0009 Chromium: Monthly Vulnerability Update (May 2025) (Severity: HIGH) July 19, 2025May 15, 2025
CVE-2025-0134 Cortex XDR Broker VM: Authenticated Code Injection Vulnerability in Broker VM (Severity: LOW) July 19, 2025May 14, 2025
CVE-2025-0131 GlobalProtect App: Incorrect Privilege Management Vulnerability in OPSWAT MetaDefender Endpoint Security SDK (Severity: MEDIUM) July 19, 2025May 14, 2025
CVE-2025-0132 Cortex XDR Broker VM: Unauthenticated User Can Disable Internal Services (Severity: LOW) July 19, 2025May 14, 2025
CVE-2025-0130 PAN-OS: Firewall Denial-of-Service (DoS) in the Web-Proxy Feature via a Burst of Maliciously Crafted Packets (Severity: MEDIUM) July 19, 2025May 14, 2025
CVE-2024-3094 Informational: Impact of Malicious Code in XZ Tools and Libraries (CVE-2024-3094) (Severity: NONE) April 1, 2024
CVE-2024-2432 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability (Severity: MEDIUM) March 13, 2024March 13, 2024
CVE-2024-2433 PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss (Severity: MEDIUM) March 13, 2024March 13, 2024
CVE-2024-2431 GlobalProtect App: Local User Can Disable GlobalProtect (Severity: MEDIUM) March 13, 2024March 13, 2024
PAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653) (Severity: NONE) February 22, 2024February 22, 2024
CVE-2024-0011 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication (Severity: MEDIUM) February 14, 2024February 14, 2024
CVE-2024-0009 PAN-OS: Improper IP Address Verification in GlobalProtect Gateway (Severity: MEDIUM) February 14, 2024February 14, 2024