CVE-2026-0256 – PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

CVE ID :CVE-2026-0256

Published : May 13, 2026, 6:18 p.m. | 40 minutes ago

Description :A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface.

This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).

Cloud NGFW and Prisma® Access are not impacted by this vulnerability.

Severity: 4.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-0239 – Chronosphere Chronocollector Information Disclosure Vulnerability

CVE-2026-0250 – GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway

CVE-2026-8466 – Unbounded buffer accumulation in multipart header parsing causes denial of service in cowboy

CVE-2026-44248 – Netty: Resource exhaustion in MqttDecoder