Palo Alto Networks Discloses 26 CVEs as AI Scans Uncover 75 Issues Across 130 Products
Updated
Updated · paloaltonetworks.com · May 13
Palo Alto Networks Discloses 26 CVEs as AI Scans Uncover 75 Issues Across 130 Products
8 articles · Updated · paloaltonetworks.com · May 13
26 CVEs covering 75 issues were disclosed in Palo Alto Networks' May Patch Wednesday release, far above its usual fewer than 5 CVEs a month.
Frontier AI models produced most of those findings for the first time after an initial scan of more than 130 products across the company's platforms.
Palo Alto said all important vulnerabilities in SaaS products have been patched and fixes are available for customer-operated products, with no disclosed flaws currently exploited in the wild.
Testing of Anthropic and OpenAI models showed capability varies by model, pushing Palo Alto toward a multimodel scanning approach and repeated rescans with added context and threat intelligence.
The company now sees a narrow 3-to-5-month window for organizations to fix exposures before AI-driven exploits become commonplace and says AI-based detection, patching and security operations must accelerate.
With AI finding decades-old security flaws, is our entire digital infrastructure on the verge of collapse?
As AI automates hacking for just $50, can small businesses survive the coming 'vulnerability deluge'?
When an autonomous AI launches a catastrophic cyberattack, who is ultimately held responsible?
AI-Accelerated Cybersecurity in 2026: Zero-Day Threats, Infinite Vulnerabilities, and the Urgent Need for Governance
Overview
In May 2026, a critical zero-day vulnerability, CVE-2026-0300, was discovered in Palo Alto Networks products and was quickly exploited in the wild. These attacks, which targeted edge network devices, showed clear signs of being carried out by state-sponsored hacking groups, with strong indications pointing to Chinese state actors. The exploitation of this vulnerability by well-resourced adversaries poses a significant risk to national security and critical infrastructure, highlighting the urgent need for organizations to strengthen the security of their perimeter devices and adapt to the evolving threat landscape.