PALO ALTO: 📅 Published on June 13, 2026

PALO ALTO Security Advisory

Published Date: June 13, 2026

CVE: CVE-2026-0249

Advisory Summary

⬢ CVE-2026-0249: GlobalProtect App Certificate Validation Bypass Vulnerabilities

Palo Alto Networks has disclosed medium-severity vulnerabilities in their GlobalProtect App that allow attackers to bypass certificate validation mechanisms. This flaw could potentially enable man-in-the-middle (MITM) attacks, compromising secure connections and exposing sensitive data transmitted through the VPN client.

Security professionals and administrators using GlobalProtect are advised to prioritize patching and updating to the latest version where these vulnerabilities have been addressed. Ensuring robust certificate validation is critical to maintaining trust and integrity in encrypted communications across enterprise environments.

Immediate action will mitigate risk and maintain the reliability of secure remote access solutions vital for organizational security postures.

• Apply the provided patches from Palo Alto Networks without delay.
• Review certificate handling policies within GlobalProtect configurations.
• Monitor network traffic for any unusual certificate or connection anomalies.

Reference: Vendor Advisory