🔐 CVE Alert

CVE-2026-0250

UNKNOWN 0.0

GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway. The GlobalProtect app on iOS is not affected.

CWE CWE-787
Vendor palo alto networks
Product globalprotect app
Published May 13, 2026
Last Updated May 13, 2026
Stay Ahead of the Next One

Get instant alerts for palo alto networks globalprotect app

Be the first to know when new unknown vulnerabilities affecting palo alto networks globalprotect app are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Palo Alto Networks / GlobalProtect App
6.3.0 < 6.3.3-h9 (6.3.3-999) 6.2.0 < 6.2.8-h10 (6.2.8-948)
Palo Alto Networks / GlobalProtect App
6.1 < 6.1.13
Palo Alto Networks / GlobalProtect App
6.3.0 < 6.3.3-h2 (6.3.3-42) 6.0.0 < 6.0.11
Palo Alto Networks / GlobalProtect App
6.0 < 6.0.13
Palo Alto Networks / GlobalProtect App
6.0 < 6.0.14
Palo Alto Networks / GlobalProtect UWP App
6.3 < 6.3.3-h10
Palo Alto Networks / GlobalProtect App
All versions affected

References

NVD ↗ CVE.org ↗ EPSS Data ↗
security.paloaltonetworks.com: https://security.paloaltonetworks.com/CVE-2026-0250

Credits

our internal security research teams