CVE-2026-0250— GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway
Possible ATT&CK Techniques 3AI
T1557 · Adversary-in-the-Middle T1055 · Process Injection T1190 · Exploit Public-Facing ApplicationAffected Version Matrix 9
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Palo Alto Networks | GlobalProtect App | 6.3.0< 6.3.3-h9 (6.3.3-999) | affected |
6.2.0< 6.2.8-h10 (6.2.8-948) | affected | ||
6.1< 6.1.13 | affected | ||
6.3.0< 6.3.3-h2 (6.3.3-42) | affected | ||
6.0.0< 6.0.11 | affected | ||
6.0< 6.0.13 | affected | ||
6.0< 6.0.14 | affected | ||
All | unaffected | ||
| Palo Alto Networks | GlobalProtect UWP App | 6.3< 6.3.3-h10 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-0250
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway
Source: NVD (National Vulnerability Database)
Vulnerability Description
A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway. The GlobalProtect app on iOS is not affected.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨界内存写
Source: NVD (National Vulnerability Database)
Vulnerability Title
Palo Alto Networks GlobalProtect app 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Palo Alto Networks GlobalProtect app是美国派拓网络(Palo Alto Networks)公司的一款网络防护软件。 Palo Alto Networks GlobalProtect app存在缓冲区错误漏洞,该漏洞源于缓冲区溢出问题,可能导致中间人攻击者中断系统进程并以SYSTEM权限执行任意代码,该漏洞在Portal和Gateway之间交换请求和响应的处理过程中触发。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Palo Alto Networks | GlobalProtect App | 6.3.0 ~ 6.3.3-h9 (6.3.3-999) | - | |
| Palo Alto Networks | GlobalProtect App | 6.1 ~ 6.1.13 | - | |
| Palo Alto Networks | GlobalProtect App | 6.3.0 ~ 6.3.3-h2 (6.3.3-42) | - | |
| Palo Alto Networks | GlobalProtect App | 6.0 ~ 6.0.13 | - | |
| Palo Alto Networks | GlobalProtect App | 6.0 ~ 6.0.14 | - | |
| Palo Alto Networks | GlobalProtect UWP App | 6.3 ~ 6.3.3-h10 | - | |
| Palo Alto Networks | GlobalProtect App | - | - |
II. Public POCs for CVE-2026-0250
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-0250
请登录查看更多情报信息。
Advisory · 1
Same Patch Batch · Palo Alto Networks · 2026-05-13 · 26 CVEs total
| CVE-2026-0256 | PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface | |
| CVE-2026-0242 | Trust Protection Foundation: SQL Injection Vulnerability | |
| CVE-2026-0258 | PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching | |
| CVE-2026-0245 | Prisma Access Agent: Information Disclosure Vulnerabilities | |
| CVE-2026-0259 | WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire App | |
| CVE-2026-0236 | Prisma Browser: Code Injection Enables Security Controls Bypass | |
| CVE-2026-0241 | Trust Protection Foundation: Multiple Authorization Bypass Vulnerabilities | |
| CVE-2026-0261 | PAN-OS: Authenticated Admin Command Injection Vulnerability | |
| CVE-2026-0265 | PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled | |
| CVE-2026-0243 | Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through IPv6 Crafted Packet | |
| CVE-2026-0262 | PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing | |
| CVE-2026-0237 | Prisma Browser: Improperly Restricted Automation Bridge Allows Security Bypass | |
| CVE-2026-0247 | Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities | |
| CVE-2026-0263 | PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing | |
| CVE-2026-0238 | Broker VM: Improper Input Validation in Broker VM Certificate and Key Fields | |
| CVE-2026-0264 | PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remo | |
| CVE-2026-0235 | Prisma Browser: Access and Data Rule Bypass | |
| CVE-2026-0251 | GlobalProtect App: Local Privilege Escalation Vulnerabilities | |
| CVE-2026-0249 | GlobalProtect App: Certificate Validation Bypass Vulnerabilities | |
| CVE-2026-0240 | Trust Protection Foundation: Sensitive Information Disclosure Vulnerability |
Showing top 20 of 26 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: GlobalProtect App
- CVE-2026-0249
GlobalProtect App: Certificate Validation Bypass Vulnerabili - CVE-2026-0251
GlobalProtect App: Local Privilege Escalation Vulnerabilitie - CVE-2025-2183
GlobalProtect App: Improper Certificate Validation Leads to - CVE-2025-2179
GlobalProtect App: Non Admin User Can Disable the GlobalProt - CVE-2025-0141
GlobalProtect App: Privilege Escalation (PE) Vulnerability
Same vendor: Palo Alto Networks
- CVE-2026-0243
Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through - CVE-2026-0248
Prisma Access Agent: Improper Certificate Validation Vulnera - CVE-2026-0242
Trust Protection Foundation: SQL Injection Vulnerability - CVE-2026-0244
Prisma SD-WAN: Improper Certificate Validation Vulnerability - CVE-2026-0241
Trust Protection Foundation: Multiple Authorization Bypass V
V. Comments for CVE-2026-0250
No comments yet