QSearchQSearch

CVE-2026-0267

An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured p...

Published: 2026-06-10 · Last updated: 2026-06-10

Severity and scoring

CWE
CWE-532

Description

An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions even if the GlobalProtect app configuration would not normally permit them to do so.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-9751 The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in p... (5.5 MEDIUM)
  • CVE-2026-9735 MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication (5.5 MEDIUM)
  • CVE-2026-45581 fabric-chaincode-java is a Java based implementation of Hyperledger Fabric chaincode shim APIs (5.5 MEDIUM)
  • CVE-2026-50205 System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data (8.2 HIGH)
  • CVE-2026-45679 OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard (6.5 MEDIUM)