Serial number: AV26-462
Date: May 13, 2026
On May 13, 2026, Palo Alto Networks published security advisories to address vulnerabilities in the following products:
- PAN-OS 12.1 – versions prior to 12.1.4-h5
- PAN-OS 12.1 – versions prior to 12.1.7
- PAN-OS 11.2 – multiple versions
- PAN-OS 11.1 – multiple versions
- PAN-OS 10.2 – multiple versions
The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.
- CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled
- CVE-2026-0264 PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution
- CVE-2026-0263 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing
- Palo Alto Network Security Advisories