Find notable cyber news and cases, enriched with sources, timelines, and signals.

Palo Alto Networks security patch release for CVE-2026-0227

Security Patch Release
First reported
Last updated
Happening score
H score 80
2 unique sources, 2 articles

Summary

Hide ▲

Palo Alto Networks released security updates for CVE-2026-0227, a high-severity flaw in PAN-OS and Prisma Access affecting GlobalProtect Gateway and Portal configurations. The issue can let an unauthenticated attacker trigger a denial-of-service (DoS) condition that may push a firewall into maintenance mode. Palo Alto said there is a proof-of-concept exploit, making the patching priority higher for exposed deployments. There is no workaround to mitigate the flaw.

Related Happenings

SimpleHelp security update for CVE-2026-48558

Security Patch Release
H score65 First: 15.06.2026 23:06 Last: 15.06.2026 23:06 Sources 1

About this happening: **SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...

SolarWinds Serv-U advisory and mitigations for CVE-2026-28318

Advisory/Mitigation
H score52 First: 06.06.2026 11:14 Last: 06.06.2026 11:14 Sources 1

About this happening: **SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...

F5 security patch release for CVE-2026-42945

Security Patch Release
H score25 First: 14.05.2026 09:00 Last: 14.05.2026 09:00 Sources 1

About this happening: F5 released **security fixes** for **NGINX Plus** and **NGINX Open Source** after disclosing **multiple vulnerabilities**, including **CVE-2026-42945**. The patch release covers i...

Latest development: 17.05.2026 14:57

VulnCheck reported active exploitation of CVE-2026-42945 against NGINX Plus and NGINX Open, saying honeypot networks saw weaponized crafted HTTP requests that can crash worker processes and, when ASLR is disabled, enable remote code execution.

Fortinet security patch release for CVE-2026-44277

Security Patch Release
H score39 First: 12.05.2026 21:23 Last: 12.05.2026 21:23 Sources 1

About this happening: Fortinet released **security updates** for **FortiSandbox** and **FortiAuthenticator** to fix **two critical vulnerabilities** that could let an **unauthenticated attacker** execu...

Cisco security patch release for CVE-2026-20188

Security Patch Release
H score35 First: 06.05.2026 21:06 Last: 06.05.2026 21:06 Sources 1

About this happening: **Cisco** released security updates for **CVE-2026-20188**, a high-severity **DoS vulnerability** in **Crosswork Network Controller (CNC)** and **Network Services Orchestrator (NS...

Timeline

  1. 15.01.2026 10:18 2 articles · 5mo ago

    Palo Alto Networks releases fixes for CVE-2026-0227 in GlobalProtect

    Mitigation Patch Update

    Palo Alto Networks released security updates for CVE-2026-0227, a high-severity denial-of-service flaw in PAN-OS and Prisma Access affecting GlobalProtect Gateway and Portal configurations. The issue can let an unauthenticated attacker trigger a DoS condition that may force a firewall into maintenance mode, and Palo Alto Networks said a proof-of-concept exploit exists. The vulnerability applies only to PAN-OS NGFW or Prisma Access deployments with an enabled GlobalProtect gateway or portal, does not affect the company's Cloud Next-Generation Firewall, and has no workaround.

    Show sources