Vulnerability in Palo Alto Networks Global Protect App

CVE-2026-0251

Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect™ app allow a local user to escalate their privileges to NT AUTHORITY\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrati…

EPSS: 0.000 (0.5th percentile) — read the EPSS interpretation.

Affected products

Palo Alto Networks Global Protect App — versions All
Palo Alto Networks Globalprotect App — versions 6.3.0, 6.2.0, 6.0.0

Weakness classification (CWE)

CWE-426 — Untrusted Search Path

References

psirt@paloaltonetworks.com (vendor-advisory)