CVE-2026-0251
Severity CVSS v4.0:
MEDIUM
Type:
CWE-426
Untrusted Search Path
Publication date:
13/05/2026
Last modified:
14/05/2026
Description
Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect™ app allow a local user to escalate their privileges to NT AUTHORITY\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative privileges.<br />
<br />
The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.



