|
211
|
7.5 |
HIGH
Network
|
-
|
-
|
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by…
New
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2026-10142
|
2026-06-12 00:22 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212
|
7.5 |
HIGH
Network
|
-
|
-
|
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supp…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-10143
|
2026-06-12 00:22 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213
|
- |
|
-
|
-
|
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface.
This issue i…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-0266
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214
|
- |
|
-
|
-
|
An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the Glo…
New
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-0267
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215
|
- |
|
-
|
-
|
A security control bypass vulnerability in Prisma Access Agent for Linux allows a local attacker to route network traffic outside the VPN tunnel.
This does not impact Prisma Access Agent on Window…
New
|
CWE-424
Improper Protection of Alternate Path
|
CVE-2026-0268
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
216
|
- |
|
-
|
-
|
A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet…
New
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-0269
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217
|
- |
|
-
|
-
|
A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipu…
New
|
CWE-22
Path Traversal
|
CVE-2026-0270
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218
|
- |
|
-
|
-
|
A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with elevated privileges.
This does not impact Pri…
New
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2026-0271
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219
|
- |
|
-
|
-
|
A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with…
New
|
CWE-862
Missing Authorization
|
CVE-2026-0272
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220
|
- |
|
-
|
-
|
A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to …
New
|
CWE-78
OS Command
|
CVE-2026-0273
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
