CVE-2026-0251

Severity CVSS v4.0:
MEDIUM
Type:
CWE-426 Untrusted Search Path
Publication date:
13/05/2026
Last modified:
14/05/2026

Description

Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect™ app allow a local user to escalate their privileges to NT AUTHORITY\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative privileges.<br /> <br /> The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.

References to Advisories, Solutions, and Tools