Reports
AI-generated structured vendor updates
Palo Alto Networks
Other
2026-07-12
Palo Alto Networks PAN-OS Vulnerabilities: Buffer Overflow and Active Exploitation
Palo Alto Networks disclosed 13 PAN-OS vulnerabilities, with the most critical being CVE-2026-0288 (CVSS 9.2), a buffer overflow in User-ID TSA allowing unauthenticated RCE. CVE-2026-0257, an authentication bypass in GlobalProtect, is actively exploited in the wild.
Research
Other
2026-06-30
libssh2 CVE-2026-55200: Pre-auth RCE via Malicious Server, Attack Surface Shifts to Clients
A critical heap out-of-bounds write vulnerability (CVE-2026-55200, CVSS 9.2) in libssh2 allows a malicious SSH server to achieve pre-auth RCE on connecting clients. The flaw affects curl, Git, PHP, and many other projects statically linking the library, expanding the attack surface from servers to virtually any client application, including CI/CD, backup, and embedded systems.