Submit finding

All findings

CVE-2026-0235 + 25 more high

Palo Alto Networks reports 26-CVE frontier-AI scan wave

Palo Alto Networks says its May 2026 Patch Wednesday wave covered 26 CVEs representing 75 issues after scanning more than 130 products with frontier AI models, including Anthropic Mythos, Claude Opus 4.7, and OpenAI GPT-5.5-Cyber.

Bug class
Vendor-scale frontier-AI vulnerability-discovery wave across PAN-OS, GlobalProtect, Prisma, Cortex, WildFire, Browser, and related products
Affected codebase
Palo Alto Networks products
Credited system
Palo Alto frontier AI scan
Disclosed
May 13, 2026
Attribution
Self-reported attribution
Severity
high
Source status: Palo Alto Networks' May 13, 2026 post says the majority of that month's Patch Wednesday findings resulted from frontier AI models scanning more than 130 products, and says the advisory wave covered 26 CVEs representing 75 issues. Palo Alto does not publish a per-CVE model attribution map, so this entry records the wave rather than assigning individual CVEs to Mythos, Claude Opus, OpenAI GPT-5.5-Cyber, or a specific harness.

Summary

Palo Alto Networks’ May 13, 2026 update says the company tested Anthropic’s Mythos, Claude Opus 4.7, and OpenAI’s GPT-5.5-Cyber, and that its May Patch Wednesday advisories were the first cycle where the majority of findings came from frontier AI models scanning Palo Alto’s code.

The same post says the scan covered more than 130 products and that the advisory wave covered 26 CVEs representing 75 issues, compared with a usual monthly volume of fewer than five CVEs. Palo Alto says important SaaS-delivered issues had been patched and customer-operated products had patches available.

Public CVE Set

The public advisory set can be reconstructed from Palo Alto’s advisory CSV and the May Prisma Browser bulletin. It includes 23 individual CVE advisory pages published on May 13, plus three Prisma Browser CVEs embedded in PAN-SA-2026-0007:

The highest-scoring advisory pages in the public set include PAN-OS authentication bypass, DNS proxy/server heap buffer overflow, and IKEv2 remote code execution issues with CVSS-B base scores of 9.2. Palo Alto’s advisory UI labels the wave with its own CVSS-BT driven severities, so Bugflation records the cluster as high impact rather than treating every CVSS-B 9.x item as a separate critical AI-attributed finding.

Attribution Boundary

This is a self-reported AI-attributed entry. Palo Alto is a primary source for the claim that frontier AI models drove the majority of the May Patch Wednesday findings. The public advisories and CSV corroborate the vulnerability records, affected products, fixes, and dates.

The missing piece is exact attribution. Palo Alto does not say which specific CVEs were found by Mythos, Claude Opus 4.7, GPT-5.5-Cyber, a Palo Alto harness, or traditional internal/external research. Many individual advisory pages use generic acknowledgments such as internal security research teams, external researchers, or both. Bugflation therefore counts the wave as relevant evidence while explicitly not assigning individual CVEs to a specific model.

Why it matters

This is an important bugflation entry even with imperfect attribution. It is a major security vendor reporting a step-change in disclosure volume after frontier-model scanning of its own product portfolio. The operational signal is the same as in Microsoft’s MDASH and Anthropic’s CVD dashboard: once vendors can aim stronger models at mature codebases, patch and validation capacity becomes the constraint.

References

Catalogued in the Bugflation public ledger. Disagree with the attribution or severity label? Email the desk.