CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled (Severity: HIGH)

CVE-2026-0262 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing (Severity: MEDIUM)

CVE-2026-0258 PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching (Severity: MEDIUM)

CVE-2026-0259 WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B) (Severity: MEDIUM)

CVE-2026-0261 PAN-OS: Authenticated Admin Command Injection Vulnerability (Severity: MEDIUM)

CVE-2026-0256 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface (Severity: MEDIUM)

CVE-2026-0264 PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution (Severity: HIGH)

CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities (Severity: MEDIUM)

CVE-2026-0251 GlobalProtect App: Local Privilege Escalation Vulnerabilities (Severity: MEDIUM)

CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal (Severity: CRITICAL)

GlobalProtect App 是 Palo Alto Networks 提供的远程接入 VPN 客户端，用于连接企业的 Portal 或 Gateway。该漏洞（CVE-2026-0250）被标记为缓冲区溢出，在连接过程中触发。由于公告未提供详细信息，但缓冲区溢出通常可被远程攻击者利用，导致拒绝服务或潜在的任意代码执行。严重性评估为中等。建议用户及时关注官方安全公告并应用修复补丁。

PAN-SA-2026-0007 Chromium and Prisma Browser: Monthly Vulnerability Update (May 2026) (Severity: MEDIUM)

CVE-2026-0247 Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities (Severity: MEDIUM)

CVE-2026-0248 Prisma Access Agent: Improper Certificate Validation Vulnerability (Severity: MEDIUM)

CVE-2026-0238 Broker VM: Improper Input Validation in Broker VM Certificate and Key Fields (Severity: LOW)

CVE-2026-0246 Prisma Access Agent: Local Privilege Escalation Vulnerability (Severity: MEDIUM)

CVE-2026-0240 Trust Protection Foundation: Sensitive Information Disclosure Vulnerability (Severity: MEDIUM)

CVE-2026-0241 Trust Protection Foundation: Multiple Authorization Bypass Vulnerabilities (Severity: MEDIUM)

CVE-2026-0242 Trust Protection Foundation: SQL Injection Vulnerability (Severity: MEDIUM)

CVE-2026-0244 Prisma SD-WAN: Improper Certificate Validation Vulnerability (Severity: MEDIUM)

CVE-2026-0239 Chronosphere Chronocollector Information Disclosure Vulnerability (Severity: MEDIUM)

CVE-2026-0263 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing (Severity: HIGH)

CVE-2026-0249 GlobalProtect App: Certificate Validation Bypass Vulnerabilities (Severity: MEDIUM)

CVE-2026-0245 Prisma Access Agent: Information Disclosure Vulnerabilities (Severity: MEDIUM)

CVE-2026-0243 Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through IPv6 Crafted Packet (Severity: MEDIUM)

该论文针对互联网流量中占比最大的视频流流量，指出目前在基于仿真的测试平台上缺乏能够生成代表性、可复现视频流流量的工具。作者提出了用于创建此类流量的工具集，以支持下一代流量分类、服务质量（QoS）算法和流量工程系统的评估。论文介绍了27种不同的视频流流量类型组合，作为初步工作，并通过实验展示了这些协议在网络层面的动态多样性。核心贡献包括：提供开源工具链、定义流量生成参数、以及验证生成流量的可复现性。适合网络研究人员、流量分析工程师和QoS算法开发者阅读。