VulnCheck KEV: CVE-2026-0257

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues...

EUVD-2026-30108

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic. Panorama and Cloud NGFW are not impacted by these vulnerabilities...

CVE-2026-0261

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security ri...

CVE-2026-0262

CVE-2026-0262 refers to multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS software. An unauthenticated attacker with network access can cause a DoS by sending specially crafted network traffic. The issues do not affect Panorama or Cloud NGFW. The provided documents do not in...

CVE-2026-0262 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic. Panorama and Cloud NGFW are not impacted by these vulnerabilities...

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN- OS software...

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. An authentication bypass vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with...

PT-2026-40758

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic. Panorama and Cloud NGFW are not impacted by these vulnerabilities...

Palo Alto Networks PAN-OS 安全漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall devices. There is a security vulnerability in Palo Alto Networks PAN-OS, which stems from buffer overflows in the DNS proxy and DNS server functions. This vulnerability could allow unauthenticated...

PT-2026-40755

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS affected versions not specified Description A server-side request forgery SSRF issue in the IKEv2 implementation allows an unauthenticated attacker to force the firewall to send network requests to unintended...

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS software enable an authenticated administrator t...

PT-2026-40754

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 10.2.18-h6 PAN-OS versions prior to 11.2.12 PAN-OS versions prior to 12.1.7 Prisma Access affected versions not specified Description Authentication bypass flaws in the GlobalProtect portal and gateway allow a remote,...

CVE-2026-0229

A denial-of-service DoS vulnerability in the Advanced DNS Security ADNS feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance...

CVE-2026-0229

CVE-2026-0229 is a DoS vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS software. It allows an unauthenticated attacker to reboot the firewall by sending a maliciously crafted packet; repeated reboot attempts can drive the device into maintenance mode. Cloud ...

PT-2026-7632

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS versions affected versions not specified Description A denial-of-service DoS condition exists in the Advanced DNS Security ADNS feature of Palo Alto Networks PAN-OS software. An unauthenticated attacker can exploit th...

EUVD-2025-175383

A denial-of-service DoS vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. This issue is...

CVE-2025-4619

CVE-2025-4619 describes a DoS in Palo Alto Networks PAN-OS where an unauthenticated attacker can reboot a firewall by sending a specially crafted dataplane packet, with repeated attempts causing maintenance mode. Affected products include PAN-OS running on PA-Series firewalls, VM-Series firewalls...

EUVD-2025-33583

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI...

CVE-2025-4614

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...

CVE-2025-4615 PAN-OS: Improper Neutralization of Input in the Management Web Interface

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI...