CVE-2026-0266EPSS p11.5%

CVE-2026-0266CVE-2026-0266

Description

A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not affected by this vulnerability.

Scoring

EPSS0.21% probability of exploitation · percentile 11.5% · 2026-06-19T12:03:05Z
Last modified2026-06-11

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-0256
CVE
CVE-2026-0261
CVE
CVE-2026-0265
CVE
CVE-2026-0273
CVE
CVE-2026-0262
CVE
Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.