Serial number: AV26-462
Date: May 13, 2026
Updated: May 29, 2026
On May 13, 2026, Palo Alto Networks published security advisories to address vulnerabilities in the following products:
- PAN-OS 12.1 – versions prior to 12.1.4-h5
- PAN-OS 12.1 – versions prior to 12.1.7
- PAN-OS 11.2 – multiple versions
- PAN-OS 11.1 – multiple versions
- PAN-OS 10.2 – multiple versions
Update 1
On May 29, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-0257 to their Known Exploited Vulnerabilities (KEV) Database.
Impacted products for CVE-2026-0257:
- PAN-OS 12.1 – versions prior to 12.1.4-h6
- PAN-OS 12.1 – versions prior to 12.1.7
- PAN-OS 11.2 – multiple versions
- PAN-OS 11.1 – multiple versions
- PAN-OS 10.2 – multiple versions
- Prisma Access 11.2.0 – versions prior to 11.2.7-h13
- Prisma Access 10.2.0 – versions prior to 10.2.10-h36
The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.
- CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled
- CVE-2026-0264 PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution
- CVE-2026-0263 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing
- Palo Alto Network Security Advisories
- CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
- CISA KEV: CVE-2026-0257