PatchSiren cyber security CVE debrief
CVE-2026-0267 Palo Alto Networks CVE debrief
CVE-2026-0267 is a MEDIUM-severity vulnerability in the Palo Alto Networks GlobalProtect app on macOS. The vulnerability enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After obtaining the passcode, the user can perform these actions even if the GlobalProtect app configuration would not normally permit them to do so. The vulnerability has a CVSS score of 4.4.
- Vendor
- Palo Alto Networks
- Product
- GlobalProtect
- CVSS
- MEDIUM 4.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-10
- Original CVE updated
- 2026-06-11
- Advisory published
- 2026-06-10
- Advisory updated
- 2026-06-11
Who should care
Users of Palo Alto Networks GlobalProtect app on macOS should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability is caused by an information exposure issue in the Palo Alto Networks GlobalProtect app on macOS. A local user can exploit this vulnerability to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches or updates provided by Palo Alto Networks to fix the vulnerability.
- Restrict access to the GlobalProtect app configuration to prevent unauthorized users from learning the passcodes.
- Monitor the GlobalProtect app logs for suspicious activity.
Evidence notes
The CVE record and NVD detail pages provide information about the vulnerability.
Official resources
CVE-2026-0267 was published on 2026-06-10T22:16:53.187Z and modified on 2026-06-11T15:21:30.653Z.