Buffer overflow in Palo Alto Networks Globalprotect App

CVE-2026-0250

A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is…

Vulnerability class: Buffer Overflow

EPSS: 0.000 (0.6th percentile) — read the EPSS interpretation.

Affected products

Palo Alto Networks Globalprotect App — versions 6.3.0, 6.2.0, 6.1
Palo Alto Networks Globalprotect Uwp App — versions 6.3

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

psirt@paloaltonetworks.com (vendor-advisory)