CVE-2026-0251
GlobalProtect App: Local Privilege Escalation Vulnerabilities
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect™ app allow a local user to escalate their privileges to NT AUTHORITY\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative privileges. The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.
| CWE | CWE-426 |
| Vendor | palo alto networks |
| Product | globalprotect app |
| Published | May 13, 2026 |
| Last Updated | May 13, 2026 |
Stay Ahead of the Next One
Get instant alerts for palo alto networks globalprotect app
Be the first to know when new unknown vulnerabilities affecting palo alto networks globalprotect app are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Palo Alto Networks / GlobalProtect App
6.3.0 < 6.3.3-h9 (6.3.3-999) 6.2.0 < 6.2.8-h10 (6.2.8-948) 6.0.0 < 6.0.13
Palo Alto Networks / GlobalProtect App
6.3.0 < 6.3.3-h9 (6.3.3-999) 6.2.0 < 6.2.8-h10 (6.2.8-948) 6.0.0 < 6.0.13
Palo Alto Networks / GlobalProtect App
6.3.0 < 6.3.3-h2 (6.3.3-42) 6.0.0 < 6.0.11
Palo Alto Networks / Global Protect App
All versions affected References
Credits
Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.