Palo Alto Networks security patch release for CVE-2026-0227
Security Patch Release
Summary
Hide ▲
Show ▼
Palo Alto Networks released security updates for CVE-2026-0227, a high-severity flaw in PAN-OS and Prisma Access affecting GlobalProtect Gateway and Portal configurations. The issue can let an unauthenticated attacker trigger a denial-of-service (DoS) condition that may push a firewall into maintenance mode. Palo Alto said there is a proof-of-concept exploit, making the patching priority higher for exposed deployments. There is no workaround to mitigate the flaw.
Related Happenings
SimpleHelp security update for CVE-2026-48558
Security Patch Release
H score65
First: 15.06.2026 23:06
Last: 15.06.2026 23:06
Sources 1
About this happening:
**SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...
SimpleHelp security update for CVE-2026-48558
Security Patch ReleaseAbout this happening: **SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...
SolarWinds Serv-U advisory and mitigations for CVE-2026-28318
Advisory/Mitigation
H score52
First: 06.06.2026 11:14
Last: 06.06.2026 11:14
Sources 1
About this happening:
**SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...
SolarWinds Serv-U advisory and mitigations for CVE-2026-28318
Advisory/MitigationAbout this happening: **SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...
F5 security patch release for CVE-2026-42945
Security Patch Release
H score25
First: 14.05.2026 09:00
Last: 14.05.2026 09:00
Sources 1
About this happening:
F5 released **security fixes** for **NGINX Plus** and **NGINX Open Source** after disclosing **multiple vulnerabilities**, including **CVE-2026-42945**. The patch release covers i...
F5 security patch release for CVE-2026-42945
Security Patch ReleaseAbout this happening: F5 released **security fixes** for **NGINX Plus** and **NGINX Open Source** after disclosing **multiple vulnerabilities**, including **CVE-2026-42945**. The patch release covers i...
Latest development: 17.05.2026 14:57
VulnCheck reported active exploitation of CVE-2026-42945 against NGINX Plus and NGINX Open, saying honeypot networks saw weaponized crafted HTTP requests that can crash worker processes and, when ASLR is disabled, enable remote code execution.
Fortinet security patch release for CVE-2026-44277
Security Patch Release
H score39
First: 12.05.2026 21:23
Last: 12.05.2026 21:23
Sources 1
About this happening:
Fortinet released **security updates** for **FortiSandbox** and **FortiAuthenticator** to fix **two critical vulnerabilities** that could let an **unauthenticated attacker** execu...
Fortinet security patch release for CVE-2026-44277
Security Patch ReleaseAbout this happening: Fortinet released **security updates** for **FortiSandbox** and **FortiAuthenticator** to fix **two critical vulnerabilities** that could let an **unauthenticated attacker** execu...
Cisco security patch release for CVE-2026-20188
Security Patch Release
H score35
First: 06.05.2026 21:06
Last: 06.05.2026 21:06
Sources 1
About this happening:
**Cisco** released security updates for **CVE-2026-20188**, a high-severity **DoS vulnerability** in **Crosswork Network Controller (CNC)** and **Network Services Orchestrator (NS...
Cisco security patch release for CVE-2026-20188
Security Patch ReleaseAbout this happening: **Cisco** released security updates for **CVE-2026-20188**, a high-severity **DoS vulnerability** in **Crosswork Network Controller (CNC)** and **Network Services Orchestrator (NS...
Timeline
-
15.01.2026 10:18 2 articles · 5mo ago
Palo Alto Networks releases fixes for CVE-2026-0227 in GlobalProtect
Mitigation Patch UpdatePalo Alto Networks released security updates for CVE-2026-0227, a high-severity denial-of-service flaw in PAN-OS and Prisma Access affecting GlobalProtect Gateway and Portal configurations. The issue can let an unauthenticated attacker trigger a DoS condition that may force a firewall into maintenance mode, and Palo Alto Networks said a proof-of-concept exploit exists. The vulnerability applies only to PAN-OS NGFW or Prisma Access deployments with an enabled GlobalProtect gateway or portal, does not affect the company's Cloud Next-Generation Firewall, and has no workaround.
Show sources
- Palo Alto Fixes GlobalProtect DoS Flaw That Can Crash Firewalls Without Login — thehackernews.com — 15.01.2026 10:18
- Palo Alto Networks warns of DoS bug letting hackers disable firewalls — www.bleepingcomputer.com — 15.01.2026 11:02