CVE Vulnerabilities

CVE-2026-0233

Improper Certificate Validation

Published: Apr 13, 2026 | Modified: Jul 07, 2026
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io logo minimus.io logo echo.ai logo

A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITYSYSTEM privileges.

Weakness

The product does not validate, or incorrectly validates, a certificate.

Affected Software

NameVendorStart VersionEnd Version
Autonomous_digital_experience_managerPaloaltonetworks5.10.0 (including)5.10.14 (excluding)

Potential Mitigations

References