CVE-2026-0262

CVE-2026-0262 refers to multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS software. An unauthenticated attacker with network access can cause a DoS by sending specially crafted network traffic. The issues do not affect Panorama or Cloud NGFW. The provided documents do not in...

PT-2026-40758

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic. Panorama and Cloud NGFW are not impacted by these vulnerabilities...

CVE-2026-0229

A denial-of-service DoS vulnerability in the Advanced DNS Security ADNS feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance...

CVE-2026-0229

CVE-2026-0229 is a DoS vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS software. It allows an unauthenticated attacker to reboot the firewall by sending a maliciously crafted packet; repeated reboot attempts can drive the device into maintenance mode. Cloud ...

PT-2026-7632

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS versions affected versions not specified Description A denial-of-service DoS condition exists in the Advanced DNS Security ADNS feature of Palo Alto Networks PAN-OS software. An unauthenticated attacker can exploit th...

CVE-2025-4614

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...

CVE-2025-4614 PAN-OS: Session Token Disclosure Vulnerability

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...

CVE-2025-4231

A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access...

CVE-2025-0130

A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this...