{"cve":{"cve_id":"CVE-2026-0242","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00248,"epss_percentile":0.15843,"epss_as_of":"2026-06-23","description":"A SQL injection vulnerability in Trust Protection Foundation allows an authenticated attacker to execute arbitrary SQL commands against the product database. Successful exploitation could allow an attacker to read sensitive data, modify database contents, and escalate privileges to gain full administrative control of the platform.","published_at":"2026-05-13T19:04:52.841000Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":6.1,"cvss_v4_vector":"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber","cvss_v4_severity":"MEDIUM","ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-89"],"nvd_references":["https://security.paloaltonetworks.com/CVE-2026-0242"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:28:46.251824Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":"4.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"A","value_label":"Adjacent"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"AT","name":"Attack Requirements","value":"N","value_label":"None"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"VC","name":"Confidentiality (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VI","name":"Integrity (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VA","name":"Availability (Vulnerable System)","value":"H","value_label":"High"},{"metric":"SC","name":"Confidentiality (Subsequent System)","value":"L","value_label":"Low"},{"metric":"SI","name":"Integrity (Subsequent System)","value":"L","value_label":"Low"},{"metric":"SA","name":"Availability (Subsequent System)","value":"N","value_label":"None"},{"metric":"E","name":"E","value":"U","value_label":"Unchanged"},{"metric":"AU","name":"AU","value":"Y","value_label":"Y"},{"metric":"R","name":"R","value":"U","value_label":"Unchanged"},{"metric":"V","name":"V","value":"C","value_label":"Changed"},{"metric":"RE","name":"RE","value":"M","value_label":"M"},{"metric":"U","name":"U","value":"Amber","value_label":"Amber"}]},"affected":[{"vendor_slug":"palo-alto-networks","vendor_name":"Palo Alto Networks","product_slug":"trust-protection-foundation","product_name":"Trust Protection Foundation","version_start":"25.3.0","version_start_inclusive":true,"version_end":"25.3.3","version_end_inclusive":false,"cpe23_uri":"cve5:palo-alto-networks:trust-protection-foundation:25.3.0:25.3.3"},{"vendor_slug":"palo-alto-networks","vendor_name":"Palo Alto Networks","product_slug":"trust-protection-foundation","product_name":"Trust Protection Foundation","version_start":"25.1.0","version_start_inclusive":true,"version_end":"25.1.8","version_end_inclusive":false,"cpe23_uri":"cve5:palo-alto-networks:trust-protection-foundation:25.1.0:25.1.8"},{"vendor_slug":"palo-alto-networks","vendor_name":"Palo Alto Networks","product_slug":"trust-protection-foundation","product_name":"Trust Protection Foundation","version_start":"24.3.0","version_start_inclusive":true,"version_end":"24.3.6","version_end_inclusive":false,"cpe23_uri":"cve5:palo-alto-networks:trust-protection-foundation:24.3.0:24.3.6"},{"vendor_slug":"palo-alto-networks","vendor_name":"Palo Alto Networks","product_slug":"trust-protection-foundation","product_name":"Trust Protection Foundation","version_start":"24.1.0","version_start_inclusive":true,"version_end":"24.1.13","version_end_inclusive":false,"cpe23_uri":"cve5:palo-alto-networks:trust-protection-foundation:24.1.0:24.1.13"}],"exploit_refs":[],"news":[],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0242","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2026-05-13T19:04:52.841000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:50:21.811688Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:50:21.811688Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:50:21.811688Z","label":"CVSS score revised","source":"cvelistv5"}]}