CVE-2026-0259 (GCVE-0-2026-0259)

Vulnerability from cvelistv5 – Published: 2026-05-13 18:05 – Updated: 2026-05-13 18:57
VLAI
Title
WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)
Summary
An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing. Please note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-73 - External Control of File Name or Path
Assigner
References
Impacted products
Vendor Product Version
Palo Alto Networks WildFire WF-500 and WF-500-B Affected: 12.1.0 , < 12.1.7, 12.1.4-h5 (custom)
Affected: 11.2.0 , < 11.2.11,11.2.7-h7 (custom)
Affected: 11.1.0 , < 11.1.13,11.1.10-h8 (custom)
Affected: 10.2.0 , < 10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34 (custom)
Create a notification for this product.
Date Public
2026-05-13 16:00
Credits
Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0259",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-13T18:56:39.294156Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-13T18:57:18.638Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "WildFire WF-500 and WF-500-B",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "12.1.7",
                  "status": "unaffected"
                },
                {
                  "at": "12.1.4-h5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "12.1.7, 12.1.4-h5",
              "status": "affected",
              "version": "12.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.2.12",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.10-h6",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.7-h13",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.4-h17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.2.11,11.2.7-h7",
              "status": "affected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.15",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.13-h5",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.10-h25",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.7-h6",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.6-h32",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.4-h33",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.13,11.1.10-h8",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.18-h6",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.16-h7",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.13-h21",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.10-h36",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.7-h34",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "value": "No special configuration is required to be affected by this issue."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "12.1.7_12.1.4-h5",
                  "versionStartIncluding": "12.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.11_11.2.7-h7",
                  "versionStartIncluding": "11.2.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.13_11.1.10-h8",
                  "versionStartIncluding": "11.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.18-h6_10.2.16-h7_10.2.13-h21_10.2.10-h36_10.2.7-h34",
                  "versionStartIncluding": "10.2.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "other",
          "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue."
        }
      ],
      "datePublic": "2026-05-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire\u00ae WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\u003c/p\u003e\u003cp\u003eThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\u003c/p\u003e\u003cp\u003ePlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire\u00ae WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\n\n\n\nThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\n\n\n\nPlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-597",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-597 Absolute Path Traversal"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "LOW",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "CWE-73 External Control of File Name or Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-13T18:05:45.862Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2026-0259"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 12.1\u003c/td\u003e\u003ctd\u003e12.1.5 through 12.1.6\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.4-h5 or 12.1.7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 11.2\u003c/td\u003e\u003ctd\u003e11.2.11 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h6 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h13 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h17 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 11.1\u003c/td\u003e\u003ctd\u003e11.1.14 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h5 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h25 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.7-h6 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h32 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h33 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 10.2\u003c/td\u003e\u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h7 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h21 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h36 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h34 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 10.1\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u0026nbsp;All (EoL)\u003c/td\u003e\u003ctd\u003eNo fix planned. Upgrade to a supported version.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
            }
          ],
          "value": "VERSION                             MINOR VERSION RANGE          SUGGESTED SOLUTION\nWildFire WF-500 and WF-500-B 12.1   12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                                    12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\nWildFire WF-500 and WF-500-B 11.2   11.2.11 or later             Upgrade to 11.2.12 or later.\n                                    11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\n                                    11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                                    11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nWildFire WF-500 and WF-500-B 11.1   11.1.14 or later             Upgrade to 11.1.15 or later.\n                                    11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                                    11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                                    11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                                    11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                                    11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nWildFire WF-500 and WF-500-B 10.2   10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\n                                    10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n                                    10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n                                    10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n                                    10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\nWildFire WF-500 and WF-500-B 10.1    All (EoL)                   No fix planned. Upgrade to a supported version."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-13T16:00:00.000Z",
          "value": "Initial publication."
        }
      ],
      "title": "WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eFor airgapped deployments, we strongly recommend that you secure WildFire 500 appliances by restricting access to only trusted internal IP addresses.\u003c/p\u003e\u003cp\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510010 (Applications and Threats content version 9100-10044 and later). \u003cbr\u003e\u003c/p\u003e\u003cb\u003e\u003c/b\u003e\u003cp\u003ePlease note that this Threat ID requires SSL Decryption.\u003c/p\u003e"
            }
          ],
          "value": "For airgapped deployments, we strongly recommend that you secure WildFire 500 appliances by restricting access to only trusted internal IP addresses.\n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510010 (Applications and Threats content version 9100-10044 and later).\n\n\nPlease note that this Threat ID requires SSL Decryption."
        }
      ],
      "x_affectedList": [
        "WildFire WF-500 and WF-500-B 12.1.0",
        "WildFire WF-500 and WF-500-B 12.1.1",
        "WildFire WF-500 and WF-500-B 12.1.2",
        "WildFire WF-500 and WF-500-B 12.1.3",
        "WildFire WF-500 and WF-500-B 11.2.0",
        "WildFire WF-500 and WF-500-B 11.2.1",
        "WildFire WF-500 and WF-500-B 11.2.2",
        "WildFire WF-500 and WF-500-B 11.2.3",
        "WildFire WF-500 and WF-500-B 11.1.0",
        "WildFire WF-500 and WF-500-B 11.1.1",
        "WildFire WF-500 and WF-500-B 11.1.2",
        "WildFire WF-500 and WF-500-B 11.1.3",
        "WildFire WF-500 and WF-500-B 10.2.0",
        "WildFire WF-500 and WF-500-B 10.2.1",
        "WildFire WF-500 and WF-500-B 10.2.2",
        "WildFire WF-500 and WF-500-B 10.2.3",
        "WildFire WF-500 and WF-500-B 10.2.4",
        "WildFire WF-500 and WF-500-B 10.2.5",
        "WildFire WF-500 and WF-500-B 10.2.6"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0259",
    "datePublished": "2026-05-13T18:05:45.862Z",
    "dateReserved": "2025-11-03T20:44:19.922Z",
    "dateUpdated": "2026-05-13T18:57:18.638Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-0259",
      "date": "2026-07-15",
      "epss": "0.00336",
      "percentile": "0.25698"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-0259\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2026-05-13T19:17:01.873\",\"lastModified\":\"2026-07-14T15:52:52.800\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire\u00ae WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\\n\\n\\n\\nThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\\n\\n\\n\\nPlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.\"}],\"affected\":[{\"source\":\"psirt@paloaltonetworks.com\",\"affectedData\":[{\"vendor\":\"Palo Alto Networks\",\"product\":\"WildFire WF-500 and WF-500-B\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"12.1.0\",\"lessThan\":\"12.1.7, 12.1.4-h5\",\"versionType\":\"custom\",\"status\":\"affected\",\"changes\":[{\"at\":\"12.1.7\",\"status\":\"unaffected\"},{\"at\":\"12.1.4-h5\",\"status\":\"unaffected\"}]},{\"version\":\"11.2.0\",\"lessThan\":\"11.2.11,11.2.7-h7\",\"versionType\":\"custom\",\"status\":\"affected\",\"changes\":[{\"at\":\"11.2.12\",\"status\":\"unaffected\"},{\"at\":\"11.2.10-h6\",\"status\":\"unaffected\"},{\"at\":\"11.2.7-h13\",\"status\":\"unaffected\"},{\"at\":\"11.2.4-h17\",\"status\":\"unaffected\"}]},{\"version\":\"11.1.0\",\"lessThan\":\"11.1.13,11.1.10-h8\",\"versionType\":\"custom\",\"status\":\"affected\",\"changes\":[{\"at\":\"11.1.15\",\"status\":\"unaffected\"},{\"at\":\"11.1.13-h5\",\"status\":\"unaffected\"},{\"at\":\"11.1.10-h25\",\"status\":\"unaffected\"},{\"at\":\"11.1.7-h6\",\"status\":\"unaffected\"},{\"at\":\"11.1.6-h32\",\"status\":\"unaffected\"},{\"at\":\"11.1.4-h33\",\"status\":\"unaffected\"}]},{\"version\":\"10.2.0\",\"lessThan\":\"10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34\",\"versionType\":\"custom\",\"status\":\"affected\",\"changes\":[{\"at\":\"10.2.18-h6\",\"status\":\"unaffected\"},{\"at\":\"10.2.16-h7\",\"status\":\"unaffected\"},{\"at\":\"10.2.13-h21\",\"status\":\"unaffected\"},{\"at\":\"10.2.10-h36\",\"status\":\"unaffected\"},{\"at\":\"10.2.7-h34\",\"status\":\"unaffected\"}]}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Amber\",\"baseScore\":5.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"UNREPORTED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"YES\",\"Recovery\":\"USER\",\"valueDensity\":\"CONCENTRATED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"AMBER\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-05-13T18:56:39.294156Z\",\"id\":\"CVE-2026-0259\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-73\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2.7\",\"matchCriteriaId\":\"57F7F91D-1366-42D9-B106-B200D38D8A38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.2.8\",\"versionEndExcluding\":\"10.2.10\",\"matchCriteriaId\":\"F5A3E6A6-EE04-409C-AE6F-FC1ACE4C4666\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.2.11\",\"versionEndExcluding\":\"10.2.13\",\"matchCriteriaId\":\"CD4B8D09-F2B3-4C9A-A583-46DE85D9D43E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.2.14\",\"versionEndExcluding\":\"10.2.16\",\"matchCriteriaId\":\"4386D092-83D6-4914-8C26-3A1EE056FEC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8C42D98-CF8F-456B-9D57-80BBDC2C8E74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFB63AFC-C3EC-4D1A-BC4A-810662AD16BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*\",\"matchCriteriaId\":\"E67DEF1D-8674-41E8-AA07-0499DCCFD67A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA4994CB-6591-4B44-A5D7-3CDF540B97DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*\",\"matchCriteriaId\":\"71EB32DA-D82F-49DD-B06F-7F10F08F740E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF05E61D-0EC2-4755-8FCF-12E102A4D8FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*\",\"matchCriteriaId\":\"22ED8EDB-5549-4D29-90D2-FFE33D030912\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6AB7874-FE24-42AC-8E3A-822A70722126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:*\",\"matchCriteriaId\":\"61B69220-4155-4462-A133-CE7A54747B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*\",\"matchCriteriaId\":\"34B083B9-CC1B-43CD-9A16-C018F7FA2DDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D88CC33-7E32-4E82-8A94-70759E910510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA109AEA-0015-4EAA-BD86-F070FEEA2DF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h20:*:*:*:*:*:*\",\"matchCriteriaId\":\"F90EF82F-1CC6-44B4-AFF9-02DF4EE84F81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA91A4E9-CE1E-4CB8-B717-4B0E314C0171\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h22:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B4D43CC-1B4E-4380-B4A2-487870EFC5B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h23:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF7382E1-0678-40BC-8964-9D00F6C4C6F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h24:*:*:*:*:*:*\",\"matchCriteriaId\":\"28994519-3519-4E94-8D8B-7C4251A82B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"776E06EC-2FDA-4664-AB43-9F6BE9B897CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h32:*:*:*:*:*:*\",\"matchCriteriaId\":\"53981EA8-847F-4FBC-BA55-8EDF591E0FF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"20A2E1F0-8303-483F-9199-9FE257B8A228\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AF4AB7F-F9B0-4DC4-BFC5-8FC60CE65A9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBE09375-A863-42FF-813F-C20679D7C45C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"0247BDD2-714F-4FFD-9433-FEC7747B30D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*\",\"matchCriteriaId\":\"1311961A-0EF6-488E-B0C2-EDBD508587C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*\",\"matchCriteriaId\":\"C779DF2B-D72A-4327-8AD8-3EA6751741F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"03C5ABF2-8C53-4376-8A64-6CB34E18E77C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"64F22CCE-6EAF-403B-B522-C11085410C65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF7FCD8B-80DF-4004-A9D2-4EE884F089A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:*\",\"matchCriteriaId\":\"15F5A583-A213-475E-8305-B8087DADCABF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*\",\"matchCriteriaId\":\"83C9637A-B615-4CC2-84AA-BDCFE611484C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h13:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EB3881C-B255-41AD-B61F-C14743824A3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h14:*:*:*:*:*:*\",\"matchCriteriaId\":\"224270A7-767D-433B-AD51-C031506747C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h17:*:*:*:*:*:*\",\"matchCriteriaId\":\"A532EFC6-A883-4279-8C05-9CD600B3F963\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h18:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4F20C02-DF90-4609-9254-B765481C83E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"872BC747-512A-4872-AC86-E7F1DC589F47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h21:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5E36C87-E01D-49DC-AB73-10E5EE27F596\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h27:*:*:*:*:*:*\",\"matchCriteriaId\":\"39437442-B24D-492F-B637-2203492327FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"67F527D0-F85B-4B83-AEA5-BA636FC89210\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h30:*:*:*:*:*:*\",\"matchCriteriaId\":\"984BE1FB-ADB7-4831-AEDD-39DBAED078B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h31:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF2C954D-9763-41E3-A132-F83C82E79BC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CF8F985-7E51-49E6-857A-FAAF027F5611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B437DCEA-ABA3-41CA-B320-97EC430F1122\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*\",\"matchCriteriaId\":\"223673C1-9327-4C12-BF02-7447D2CAD16C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"593AFE7A-CB37-4156-A2B8-646A317F3176\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*\",\"matchCriteriaId\":\"63F4EE10-4A97-4668-9050-2DB4CEBFB307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2B871A6-0636-42A0-9573-6F693D7753AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1FC63B8-B8D9-4EC1-85CA-2E12B38ACD3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3F8462A-71C0-4F81-9882-C73BC90697CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h15:*:*:*:*:*:*\",\"matchCriteriaId\":\"85653992-4FBF-445C-881B-5F2494B597BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h16:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1B72E68-2D01-483F-BEC5-59C49E96B976\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h18:*:*:*:*:*:*\",\"matchCriteriaId\":\"E49419C4-9AFE-4B7F-90EF-DB50EBB608D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"60CE628F-C4CB-4342-8D71-DE61A089B612\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2447D2B1-A145-4036-B9F2-17648B193465\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C24353AF-DC81-49B9-9132-9EEC8E6009BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4420489-AE0F-4A48-B2CE-C165BEBFA6A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"C45D8DF1-9483-4B24-AB94-B1FF4A5F2606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC38A9CD-CDB6-423A-BE8D-2E0E45A3B239\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"41B48ECA-FD05-4EA2-B1C9-771624EAAFF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D65D1F0-323E-41AF-962E-1F9741748A76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:h6:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5D41E00-D517-4B81-A7FC-C8E101884807\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.17:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEBB519E-9AC8-4100-B71C-E7D3276ED79C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.18:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"19604659-570D-4766-B8B5-8B9920E2607F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.18:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"745A3A2A-73CF-4DC2-968B-ACFC66389E11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.18:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A1E533E-DE4A-4F2F-A71A-FFF56E757087\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:wf-500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F9D532F-67BA-438B-8BD5-65B2EADF35D8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:wf-500-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFE4B73A-0C35-4254-B028-A7E587780888\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndExcluding\":\"11.1.4\",\"matchCriteriaId\":\"459485B4-47FF-4A5F-9249-AE0445A0096A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.5\",\"versionEndExcluding\":\"11.1.6\",\"matchCriteriaId\":\"F35F4848-BBF3-4B43-9E5C-98E7AB437FF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.8\",\"versionEndExcluding\":\"11.1.10\",\"matchCriteriaId\":\"45D0EA32-45AE-4411-8E14-43B74715387C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.11\",\"versionEndExcluding\":\"11.1.13\",\"matchCriteriaId\":\"D9CE1AA7-46F4-4740-BF21-EE6732134D57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF83EAA1-49E1-4AD0-A049-F1B3065950BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE3F7369-9F35-409A-9F47-45A959592DFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"6650937C-D778-4B5D-AA28-E7DA96DDAB7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h11:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB835E23-6984-413D-A870-8734E626D219\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h12:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD247097-EEC7-48E7-9C14-3314900BD5F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h13:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD701663-4C57-4115-BD59-9DFFB504E2AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h15:*:*:*:*:*:*\",\"matchCriteriaId\":\"82816C09-6A9D-4AB2-AA55-62CC714CCA82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h16:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AA9F77D-BC9C-4A2C-8988-6DEE65CD9C8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h17:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5A3CEBF-9F8A-47F9-A302-7C395F2A8146\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h18:*:*:*:*:*:*\",\"matchCriteriaId\":\"A79B51D2-74E8-4BA3-AE33-829A9C1776E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"83A04AA3-4B6C-4B75-9797-74FA230FD299\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h25:*:*:*:*:*:*\",\"matchCriteriaId\":\"E08297B1-95E9-4730-B59D-252B958C4199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h27:*:*:*:*:*:*\",\"matchCriteriaId\":\"B56B153E-8693-4257-9E33-38904A949ED8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"AECB34F6-76F3-46E4-8F08-8570247AC281\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h32:*:*:*:*:*:*\",\"matchCriteriaId\":\"A220ED95-5E1A-45AA-85BD-8A58CFC6C697\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9DB4DA9-2262-4E9E-B3A1-49D261D01295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"552C1E17-E4A7-462C-97E4-AF14C00B89FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h6:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EB942A4-026C-494D-A1DD-96259354CB0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"4852E738-990C-4DD2-8252-D4625D843A99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h8:*:*:*:*:*:*\",\"matchCriteriaId\":\"010E5816-BB0D-438B-A280-AF35B435DCFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h9:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB2C59F8-2583-4510-90F8-500F8329AFFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C50A07-F4D8-4F1F-BA61-3429BB1721BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D12FF27-C186-467C-8627-1284EBC67243\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF4AA997-35BC-4BC1-9EF2-644503B2D806\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h14:*:*:*:*:*:*\",\"matchCriteriaId\":\"12EF4DDF-9773-4B02-8FF4-F94A1D49E6AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h17:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FAE17BB-7938-41D0-8D62-46F829C647BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h18:*:*:*:*:*:*\",\"matchCriteriaId\":\"2682D64E-79A4-4522-8742-7EF1637764AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h19:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DA5A0AD-C4FB-4210-8651-F94F2875A0EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"45D633D7-A4B5-4D68-9BAB-D9BA25877F36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h20:*:*:*:*:*:*\",\"matchCriteriaId\":\"B79DB477-A907-4300-A651-16F93880B049\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h21:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF74D8FA-677F-484D-9338-A1761614FFD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h22:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9FC5118-4056-4E22-A1F0-D6FFA2B88472\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h23:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E7A808F-F52F-4786-950C-591CCADB2EE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h25:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CA82012-AA59-44C1-BB9D-0B28764D507E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h29:*:*:*:*:*:*\",\"matchCriteriaId\":\"27233F80-A620-42D3-927D-4FCDE6345456\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"63729FA6-ED2A-4593-9436-232F282A0A78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F39792EF-61B5-4874-9FD0-7544F8C5C0D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC24BCD-E508-4553-9BAC-468A1078C9A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h6:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A06B6F4-DCAE-4115-93D4-25D0A37AAB9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"91529C45-FA55-4844-A153-682F729F440D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"64B56778-2698-493D-80AD-B4AE81F48124\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A9D3E2E-BA37-4F2A-BD43-97DD93E43D08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DCE8F6C-541E-4C61-ABC8-4A618B0DD58D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E5EF79B-1A25-4AAB-AF2E-D151359E7FFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A92886DF-C989-47AD-8F68-8F468BBC6E57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9893920B-A00E-4890-A897-EE1CF0751BA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1289923-12D8-4FDD-B18B-C52516F14922\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h12:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFC923D7-672D-4556-8344-BBD285324067\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h21:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1510DE9-04A3-4E08-872D-C0F6041BCFCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"31CD3B15-2CE0-404A-9542-9C39B8E71027\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"0194DA0B-041A-4810-8BFB-2308290517B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"69E64D86-034F-4BC7-9A4E-2703D834EBC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h9:*:*:*:*:*:*\",\"matchCriteriaId\":\"B992628F-1114-4FC8-9364-800ACE997044\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9223B0D4-6194-4684-8EF4-84A0EF511D8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB16C018-2B70-4F4D-9025-69FF82CD40F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1259B519-130D-4584-86AA-E4EA1E89ACB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DCA6D54-E623-4985-B35F-AC98299828EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.14:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"20A38461-BC7E-4D75-A168-FA493955A54C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:wf-500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F9D532F-67BA-438B-8BD5-65B2EADF35D8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:wf-500-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFE4B73A-0C35-4254-B028-A7E587780888\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.2.0\",\"versionEndExcluding\":\"11.2.4\",\"matchCriteriaId\":\"7E4D3A51-0A40-4B19-AAFC-A2484B1CF5D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.2.5\",\"versionEndExcluding\":\"11.2.7\",\"matchCriteriaId\":\"A52983E4-71BF-46D7-8A4A-D199F7DCAA36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.2.8\",\"versionEndExcluding\":\"11.2.10\",\"matchCriteriaId\":\"85010E8F-E824-4C69-9B59-58DB01789ECB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C01AD190-F3C2-4349-A063-8C5C78B725B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"30F4CD1C-6862-4279-8D2D-40B4D164222F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"8137F3AF-BA32-41BC-AD2E-A668FFA33892\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h11:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C977AF0-D2B0-401A-A7C5-A1C71AC3C072\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h12:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9C0A53F-2AFE-4B0D-AEC1-464E6001E02F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h14:*:*:*:*:*:*\",\"matchCriteriaId\":\"D720448D-F40B-4C92-9101-A48AC36C9CBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h15:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F12F7AC-D5B3-499E-87DA-27427D8BFFC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A52B7A7A-483A-4075-B1E9-5C14B66F7FC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E46608E-682E-47B8-B810-8714571286C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"76949F0F-2ADC-492F-83F0-0A1B0E861F97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1DD83BC-4E8E-4C1D-80C7-A6209B4E70CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h6:*:*:*:*:*:*\",\"matchCriteriaId\":\"73888909-64C5-41BC-BAE0-BD9BDEEAF723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7861D82-815D-4894-9E11-1B6B1E66CDEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h8:*:*:*:*:*:*\",\"matchCriteriaId\":\"D269E33D-9A79-40CC-B79A-C9A398AB7AFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h9:*:*:*:*:*:*\",\"matchCriteriaId\":\"9762E441-856F-466F-812C-798CA2EEF965\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A25C9D9-BC83-49AE-BEE7-EF05F8336B01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A93C2B58-EC78-4C3D-89FF-35D9C489E39F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"A32E35C0-913E-4348-8AD4-E1F169C40C92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h11:*:*:*:*:*:*\",\"matchCriteriaId\":\"39112398-2A93-4E26-A7DF-0E3FA81C5130\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h12:*:*:*:*:*:*\",\"matchCriteriaId\":\"C88442D1-599F-411D-B7A2-E17AA839F177\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D12C3EB6-842E-4378-896C-FDBB2BC75D10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"86B41903-FF08-454D-B626-184CB73B122E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"396DC378-7716-40F6-88A4-99299A16CAF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E5C6E3A-262C-4212-B21C-00E8079AA8CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h8:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C855108-D3C9-4DE3-B9F4-9735A0A439AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"051673AB-50BF-4DD0-8679-F5825520241A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAC15D8A-83CA-413F-BA2B-17EC2B169F6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"70B3EB0C-87F1-46C2-B95C-C5808E473BD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"073BF631-451B-4DFC-B23C-F0F68C2450F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"13AA1BEF-F2F6-4534-89F3-DF4E79217978\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBFDE611-4981-4D92-ABAF-858DF132535F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.11:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE68AC6C-61B6-4245-96AE-3D1F96D44721\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:wf-500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F9D532F-67BA-438B-8BD5-65B2EADF35D8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:wf-500-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFE4B73A-0C35-4254-B028-A7E587780888\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndExcluding\":\"12.1.4\",\"matchCriteriaId\":\"181F9096-34AB-483A-B33F-F4A7F250052F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.5\",\"versionEndExcluding\":\"12.1.7\",\"matchCriteriaId\":\"D1EA4C4A-D7DC-4A63-B109-9C9328772E9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:12.1.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C1ADE94-3F05-48EE-94E0-FD6EB682705C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:12.1.4:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F727C18E-1C8D-448A-954C-073294FBC65C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:12.1.4:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E492BE6-EB2E-4616-85EA-3B389741301B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:wf-500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F9D532F-67BA-438B-8BD5-65B2EADF35D8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:wf-500-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFE4B73A-0C35-4254-B028-A7E587780888\"}]}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2026-0259\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "redhat_vex": {
      "current_release_date": "2026-06-05T19:25:40+00:00",
      "cve": "CVE-2026-0259",
      "id": "CVE-2026-0259",
      "initial_release_date": "2026-05-13T16:00:00+00:00",
      "product_status:known_not_affected": "1",
      "source": "Red Hat CSAF VEX",
      "status": "final",
      "title": "WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0259.json",
      "version": "3"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-0259\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-13T18:56:39.294156Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-13T18:57:10.236Z\"}}], \"cna\": {\"title\": \"WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)\", \"source\": {\"discovery\": \"INTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"other\", \"value\": \"Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.\"}], \"impacts\": [{\"capecId\": \"CAPEC-597\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-597 Absolute Path Traversal\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 5, \"Automatable\": \"YES\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"CONCENTRATED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber\", \"exploitMaturity\": \"UNREPORTED\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Palo Alto Networks\", \"product\": \"WildFire WF-500 and WF-500-B\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"12.1.7\", \"status\": \"unaffected\"}, {\"at\": \"12.1.4-h5\", \"status\": \"unaffected\"}], \"version\": \"12.1.0\", \"lessThan\": \"12.1.7, 12.1.4-h5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"11.2.12\", \"status\": \"unaffected\"}, {\"at\": \"11.2.10-h6\", \"status\": \"unaffected\"}, {\"at\": \"11.2.7-h13\", \"status\": \"unaffected\"}, {\"at\": \"11.2.4-h17\", \"status\": \"unaffected\"}], \"version\": \"11.2.0\", \"lessThan\": \"11.2.11,11.2.7-h7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"11.1.15\", \"status\": \"unaffected\"}, {\"at\": \"11.1.13-h5\", \"status\": \"unaffected\"}, {\"at\": \"11.1.10-h25\", \"status\": \"unaffected\"}, {\"at\": \"11.1.7-h6\", \"status\": \"unaffected\"}, {\"at\": \"11.1.6-h32\", \"status\": \"unaffected\"}, {\"at\": \"11.1.4-h33\", \"status\": \"unaffected\"}], \"version\": \"11.1.0\", \"lessThan\": \"11.1.13,11.1.10-h8\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.2.18-h6\", \"status\": \"unaffected\"}, {\"at\": \"10.2.16-h7\", \"status\": \"unaffected\"}, {\"at\": \"10.2.13-h21\", \"status\": \"unaffected\"}, {\"at\": \"10.2.10-h36\", \"status\": \"unaffected\"}, {\"at\": \"10.2.7-h34\", \"status\": \"unaffected\"}], \"version\": \"10.2.0\", \"lessThan\": \"10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-13T16:00:00.000Z\", \"value\": \"Initial publication.\"}], \"solutions\": [{\"lang\": \"eng\", \"value\": \"VERSION                             MINOR VERSION RANGE          SUGGESTED SOLUTION\\nWildFire WF-500 and WF-500-B 12.1   12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\\n                                    12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\\nWildFire WF-500 and WF-500-B 11.2   11.2.11 or later             Upgrade to 11.2.12 or later.\\n                                    11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\\n                                    11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\\n                                    11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\\nWildFire WF-500 and WF-500-B 11.1   11.1.14 or later             Upgrade to 11.1.15 or later.\\n                                    11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\\n                                    11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\\n                                    11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\\n                                    11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\\n                                    11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\\nWildFire WF-500 and WF-500-B 10.2   10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\\n                                    10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\\n                                    10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\\n                                    10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\\n                                    10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\\nWildFire WF-500 and WF-500-B 10.1    All (EoL)                   No fix planned. Upgrade to a supported version.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003ctable class=\\\"tbl\\\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 12.1\u003c/td\u003e\u003ctd\u003e12.1.5 through 12.1.6\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.4-h5 or 12.1.7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 11.2\u003c/td\u003e\u003ctd\u003e11.2.11 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h6 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h13 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h17 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 11.1\u003c/td\u003e\u003ctd\u003e11.1.14 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h5 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h25 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.7-h6 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h32 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h33 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 10.2\u003c/td\u003e\u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h7 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h21 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h36 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h34 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eWildFire WF-500 and WF-500-B 10.1\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u0026nbsp;All (EoL)\u003c/td\u003e\u003ctd\u003eNo fix planned. Upgrade to a supported version.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\", \"base64\": false}]}], \"datePublic\": \"2026-05-13T16:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2026-0259\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"eng\", \"value\": \"For airgapped deployments, we strongly recommend that you secure WildFire 500 appliances by restricting access to only trusted internal IP addresses.\\n\\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510010 (Applications and Threats content version 9100-10044 and later).\\n\\n\\nPlease note that this Threat ID requires SSL Decryption.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eFor airgapped deployments, we strongly recommend that you secure WildFire 500 appliances by restricting access to only trusted internal IP addresses.\u003c/p\u003e\u003cp\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510010 (Applications and Threats content version 9100-10044 and later). \u003cbr\u003e\u003c/p\u003e\u003cb\u003e\u003c/b\u003e\u003cp\u003ePlease note that this Threat ID requires SSL Decryption.\u003c/p\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire\\u00ae WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\\n\\n\\n\\nThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\\n\\n\\n\\nPlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eAn arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire\\u00ae WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode.\u003c/p\u003e\u003cp\u003eThe WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing.\u003c/p\u003e\u003cp\u003ePlease note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.\u003cbr\u003e\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-73\", \"description\": \"CWE-73 External Control of File Name or Path\"}]}], \"configurations\": [{\"lang\": \"eng\", \"value\": \"No special configuration is required to be affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"No special configuration is required to be affected by this issue.\", \"base64\": false}]}], \"x_affectedList\": [\"WildFire WF-500 and WF-500-B 12.1.0\", \"WildFire WF-500 and WF-500-B 12.1.1\", \"WildFire WF-500 and WF-500-B 12.1.2\", \"WildFire WF-500 and WF-500-B 12.1.3\", \"WildFire WF-500 and WF-500-B 11.2.0\", \"WildFire WF-500 and WF-500-B 11.2.1\", \"WildFire WF-500 and WF-500-B 11.2.2\", \"WildFire WF-500 and WF-500-B 11.2.3\", \"WildFire WF-500 and WF-500-B 11.1.0\", \"WildFire WF-500 and WF-500-B 11.1.1\", \"WildFire WF-500 and WF-500-B 11.1.2\", \"WildFire WF-500 and WF-500-B 11.1.3\", \"WildFire WF-500 and WF-500-B 10.2.0\", \"WildFire WF-500 and WF-500-B 10.2.1\", \"WildFire WF-500 and WF-500-B 10.2.2\", \"WildFire WF-500 and WF-500-B 10.2.3\", \"WildFire WF-500 and WF-500-B 10.2.4\", \"WildFire WF-500 and WF-500-B 10.2.5\", \"WildFire WF-500 and WF-500-B 10.2.6\"], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"12.1.7_12.1.4-h5\", \"versionStartIncluding\": \"12.1.0\"}, {\"criteria\": \"cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.2.11_11.2.7-h7\", \"versionStartIncluding\": \"11.2.0\"}, {\"criteria\": \"cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.1.13_11.1.10-h8\", \"versionStartIncluding\": \"11.1.0\"}, {\"criteria\": \"cpe:2.3:a:palo_alto_networks:wildfire_wf-500_and_wf-500-b:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.2.18-h6_10.2.16-h7_10.2.13-h21_10.2.10-h36_10.2.7-h34\", \"versionStartIncluding\": \"10.2.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2026-05-13T18:05:45.862Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-0259\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-13T18:57:18.638Z\", \"dateReserved\": \"2025-11-03T20:44:19.922Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2026-05-13T18:05:45.862Z\", \"assignerShortName\": \"palo_alto\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…