- How many CVEs does Palo Alto Networks have?
- Palo Alto Networks has 423 published CVE records since 2010, including 127 in the last two years.
- How many Palo Alto Networks CVEs are in CISA KEV?
- Yes — 17 of Palo Alto Networks's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which Palo Alto Networks products have the most CVEs?
- The Palo Alto Networks products with the most published CVEs are PAN-OS, Prisma Access, Cloud NGFW, GlobalProtect, GlobalProtect app.
- What are the most common weakness types in Palo Alto Networks CVEs?
- Palo Alto Networks's CVEs most often map to these CWE weakness types: CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-754 (Improper Check for Unusual or Exceptional Conditions), CWE-532 (Insertion of Sensitive Information into Log File).
- Are there public exploits for Palo Alto Networks vulnerabilities?
- Yes — 35 of Palo Alto Networks's CVEs have a known public exploit.
- How many critical Palo Alto Networks vulnerabilities are there?
- Palo Alto Networks has 46 critical and 142 high-severity CVEs.
- What is the average severity of Palo Alto Networks CVEs?
- The average CVSS base score across Palo Alto Networks's scored CVEs is 6.6.