Multiple vulnerabilities in Palo Alto Networks products (July 09, 2026)
Multiple vulnerabilities have been discovered in Palo Alto Networks products. Some of them allow an attacker to cause remote arbitrary code execution, privilege escalation, and a remote denial of service.
CSIRTS triage
- What
- Multiple vulnerabilities allow an attacker to cause remote arbitrary code execution, privilege escalation, and a remote denial of service.
- Who is affected
- Deployments of various Palo Alto Networks products are affected.
- Urgency
- Remediation urgency is unknown due to unspecified severity.
- Action
- Monitor for updates and apply patches as they become available.
AI-assisted analysis generated from the source advisory — verify against the original.
Details
Original advisory: https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0853/
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-109270.29% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 20% of all scored CVEs.
- Low exploitation riskCVE-2026-109910.36% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 28% of all scored CVEs.
- Low exploitation riskCVE-2026-116370.26% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 18% of all scored CVEs.
- Low exploitation riskCVE-2026-112390.22% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 13% of all scored CVEs.
- Low exploitation riskCVE-2026-111820.25% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 16% of all scored CVEs.
- Low exploitation riskCVE-2026-109860.33% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 25% of all scored CVEs.
- Low exploitation riskCVE-2026-109550.38% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 30% of all scored CVEs.
- Low exploitation riskCVE-2026-111440.26% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 17% of all scored CVEs.
- Low exploitation riskCVE-2026-02810.36% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 28% of all scored CVEs.
- Low exploitation riskCVE-2026-110410.23% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 14% of all scored CVEs.
Referenced CVEs
+12 more CVEs referenced in this advisory.
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- high[NEW] [high] Palo Alto Networks PAN-OS: Multiple vulnerabilitiescert-bund
- unknownCVE-2026-0283: An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto N…nvd
- unknownCVE-2026-0281: An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an unaut…nvd
- unknownPalo Alto Products Multiple Vulnerabilitieshkcert
- highPAN-SA-2026-0010 Chromium and Prisma Browser: Monthly Vulnerability Update (July 2026) (Severity: HIGH)paloalto
- mediumCVE-2026-0283 PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN) (Severity: MEDIUM)paloalto
- lowCVE-2026-0281 PAN-OS: Information Disclosure Vulnerability in Management Web Interface (Severity: LOW)paloalto
- unknownCVE-2026-10927: Chromium: CVE-2026-10927 Out of bounds read in Dawnmsrc
- unknownCVE-2026-11016: Chromium: CVE-2026-11016 Insufficient validation of untrusted input in Networkmsrc
- unknownCVE-2026-10922: Chromium: CVE-2026-10922 Insufficient validation of untrusted input in DevToolsmsrc
- unknownCVE-2026-10995: Chromium: CVE-2026-10995 Heap buffer overflow in TabStripmsrc
- unknownCVE-2026-10991: Chromium: CVE-2026-10991 Use after free in V8msrc
Recent advisories for Palo Alto Networks
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- high[NEW] [high] Palo Alto Networks PAN-OS: Multiple vulnerabilitiescert-bund · 2026-07-10
- medium[NEW] [medium] Palo Alto Networks Cortex XDR Broker VM: Vulnerability allows privilege escalationcert-bund · 2026-07-10
- unknownCVE-2026-0276: A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a loca…nvd · 2026-07-09
- unknownCVE-2026-0275: A local privilege escalation vulnerability in Palo Alto Networks Prisma® Browser allows a local…nvd · 2026-07-09
- unknownCVE-2026-0287: Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unau…nvd · 2026-07-09
- unknownCVE-2026-0286: A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® softwar…nvd · 2026-07-09
More from CERT-FR Avis de sécurité
- unknownVulnerability in NetApp ONTAP 9 (July 10, 2026)2026-07-10
- unknownMultiple vulnerabilities in Red Hat Linux kernel (July 10, 2026)2026-07-10
- unknownMultiple vulnerabilities in Progress MOVEit Transfer (July 10, 2026)2026-07-10
- unknownMultiple vulnerabilities in Ubuntu Linux kernel (July 10, 2026)2026-07-10
- unknownVulnerability in CPython (July 10, 2026)2026-07-10