Search

Find a vulnerability

Search criteria

    208 vulnerabilities found for Cloud NGFW by Palo Alto Networks

    CVE-2026-0287 (GCVE-0-2026-0287)

    Vulnerability from nvd – Published: 2026-07-09 18:51 – Updated: 2026-07-09 19:26
    VLAI
    Title
    PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing
    Summary
    Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this condition result in the firewall entering maintenance mode. Panorama is not impacted by these vulnerabilities.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-754 - Improper Check for Unusual or Exceptional Conditions
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Affected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.4-h8 (custom)
    Affected: 11.2.0 , < 11.2.4-h20 (custom)
    Affected: 11.1.0 , < 11.1.4-h35 (custom)
    Affected: 10.2.0 , < 10.2.7-h36 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Affected: 11.2.0 , < 11.2.7-h18 (custom)
    Affected: 10.2.0 , < 10.2.10-h39 (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0287",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:26:14.381516Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:26:20.257Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "AWS",
                "Azure"
              ],
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.4-h8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h12",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.4-h20",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.4-h35",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.7-h36",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.7-h18",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.10-h39",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No special configuration is required to be affected by this issue."
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:cloud_ngfw:*:*:*:*:*:AWS:*:*",
                      "versionStartIncluding": "all",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:cloud_ngfw:*:*:*:*:*:Azure:*:*",
                      "versionStartIncluding": "all",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h12",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS\u00ae software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.\u003cbr\u003e\u003cbr\u003ePanorama is not impacted by these vulnerabilities."
                }
              ],
              "value": "Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS\u00ae software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.\n\nPanorama is not impacted by these vulnerabilities."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-153",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-153 Input Data Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk of exploitation is lower for Prisma Access as it requires an authenticated user and the external network access to the dataplane interface is restricted."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-754",
                  "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T18:51:42.539Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2026-PAN-323400",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0287"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eCustomers who prefer to upgrade can work with Palo Alto Networks support to schedule an on-demand software upgrade.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.5 through 12.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.11 through 11.2.12\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h12 or 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.14 through 11.1.15\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 11.2\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.7\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h18 or later.*\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.10\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h39 or later.*\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e* See the note under Product Status for information regarding Cloud NGFW and Prisma Access upgrades."
                }
              ],
              "value": "VersionMinor Version RangeSuggested SolutionCloud NGFW\nCustomers who prefer to upgrade can work with Palo Alto Networks support to schedule an on-demand software upgrade.PAN-OS 12.112.1.5 through 12.1.7-h*Upgrade to 12.1.7-h2 or 12.1.8 or later.\n12.1.2 through 12.1.4-h*Upgrade to 12.1.4-h8 or 12.1.8 or later.PAN-OS 11.211.2.11 through 11.2.12Upgrade to 11.2.13 or later.\n11.2.8 through 11.2.10-h*Upgrade to 11.2.10-h12 or 11.2.13 or later.\n11.2.5 through 11.2.7-h*Upgrade to 11.2.7-h18 or 11.2.13 or later.\n11.2.0 through 11.2.4-h*Upgrade to 11.2.4-h20 or 11.2.13 or later.PAN-OS 11.111.1.14 through 11.1.15Upgrade to 11.1.16 or later.\n11.1.11 through 11.1.13-h*Upgrade to 11.1.13-h9 or 11.1.16 or later.\n11.1.8 through 11.1.10-h*Upgrade to 11.1.10-h30 or 11.1.16 or later.\n11.1.7 through 11.1.7-h*Upgrade to 11.1.7-h8 or 11.1.16 or later.\n11.1.5 through 11.1.6-h*Upgrade to 11.1.6-h35 or 11.1.16 or later.\n11.1.0 through 11.1.4-h*Upgrade to 11.1.4-h35 or 11.1.16 or later.PAN-OS 10.210.2.17 through 10.2.18-h*Upgrade to 10.2.18-h8 or later.\n10.2.14 through 10.2.16-h*Upgrade to 10.2.16-h9 or later.\n10.2.11 through 10.2.13-h*Upgrade to 10.2.13-h23 or later.\n10.2.8 through 10.2.10-h*Upgrade to 10.2.10-h39 or later.\n10.2.0 through 10.2.7-h*Upgrade to 10.2.7-h36 or later.All other older\nunsupported\nPAN-OS versions\nUpgrade to a supported fixed version.Prisma Access 11.211.2.0 through 11.2.7Upgrade to 11.2.7-h18 or later.*Prisma Access 10.210.2.0 through 10.2.10Upgrade to 10.2.10-h39 or later.*\n* See the note under Product Status for information regarding Cloud NGFW and Prisma Access upgrades."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No known workarounds exist for this issue."
                }
              ],
              "value": "No known workarounds exist for this issue."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7-h1",
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h7",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h10",
            "PAN-OS 11.2.10-h9",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h17",
            "PAN-OS 11.2.7-h16",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h18",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h8",
            "PAN-OS 11.1.13-h7",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h28",
            "PAN-OS 11.1.10-h27",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h34",
            "PAN-OS 11.1.6-h33",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h34",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h7",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h8",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h22",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h37",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h35",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0287",
        "datePublished": "2026-07-09T18:51:42.539Z",
        "dateReserved": "2025-11-03T20:44:45.634Z",
        "dateUpdated": "2026-07-09T19:26:20.257Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0286 (GCVE-0-2026-0286)

    Vulnerability from nvd – Published: 2026-07-09 18:56 – Updated: 2026-07-09 19:26
    VLAI
    Title
    PAN-OS: Authenticated Command Injection in CLI
    Summary
    A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    Curious of TRAPA Security our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0286",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:25:55.330135Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:26:01.748Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h11",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No special configuration is required to be affected by this issue."
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h11",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Curious of TRAPA Security"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA command injection vulnerability in the management plane of Palo Alto Networks PAN-OS\u00ae software enables an authenticated administrator to execute arbitrary OS commands as root.\u003c/p\u003e\u003cp\u003eThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.\u003c/p\u003e\u003cp\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003c/p\u003e\u003cp\u003eCloud NGFW and Prisma Access\u00ae  are not impacted by this vulnerability.\u003c/p\u003e"
                }
              ],
              "value": "A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS\u00ae software enables an authenticated administrator to execute arbitrary OS commands as root.\n\n\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.\n\n\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\n\n\nCloud NGFW and Prisma Access\u00ae  are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T18:56:29.289Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0286"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW All\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.5 through 12.1.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.11 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.8 through 11.2.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10-h11 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.5 through 11.2.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.14 through 11.1.15\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.11 through 11.1.13\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.8 through 11.1.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.7 through 11.1.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.5 through 11.1.6\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.17 through 10.2.18\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.14 through 10.2.16\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.11 through 10.2.13\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.8 through 10.2.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u0026nbsp;\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFW All\nNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.11 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.8 through 11.2.10-h*\n                                Upgrade to 11.2.10-h11 or 11.2.13 or later.\n                            \n                                \n                                11.2.5 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.14 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.11 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.8 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.7 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.5 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.17 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \n                                \n                                10.2.14 through 10.2.16-h*\n                                Upgrade to 10.2.16-h9 or later.\n                            \n                                \n                                10.2.11 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n                            \n                                \n                                10.2.8 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n                            All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.Prisma Access\u00a0\n\nNo action needed."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial Publication"
            }
          ],
          "title": "PAN-OS: Authenticated Command Injection in CLI",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eCustomers with a Threat Prevention subscription are provided with limited coverage against this vulnerability by enabling Threat ID 510036 (from Applications and Threats content version 9122-10145 and later). For these Threat IDs to protect against attacks for this vulnerability:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\"\u003eRoute incoming traffic for the MGT port through a DP port\u003c/a\u003e, e.g., enabling management profile on a DP interface for management access.\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c\"\u003eReplace the Certificate for Inbound Traffic Management\u003c/a\u003e.\u0026nbsp;\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2\"\u003eDecrypt inbound traffic to the management\u0026nbsp;interface\u0026nbsp;so the firewall can inspect it.\u003c/a\u003e\u003c/li\u003e\u003cli\u003eEnable threat prevention on the inbound traffic to management services.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003ePlease note that this Threat ID requires SSL Decryption.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "Customers with a Threat Prevention subscription are provided with limited coverage against this vulnerability by enabling Threat ID 510036 (from Applications and Threats content version 9122-10145 and later). For these Threat IDs to protect against attacks for this vulnerability:\n\n\n\n\n\n  *   Route incoming traffic for the MGT port through a DP port https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba , e.g., enabling management profile on a DP interface for management access.\n  *   Replace the Certificate for Inbound Traffic Management https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c .\u00a0\n  *   Decrypt inbound traffic to the management\u00a0interface\u00a0so the firewall can inspect it. https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2 \n  *  Enable threat prevention on the inbound traffic to management services.\n\n\n\n\n\n\n\n\nPlease note that this Threat ID requires SSL Decryption."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0286",
        "datePublished": "2026-07-09T18:56:29.289Z",
        "dateReserved": "2025-11-03T20:44:44.429Z",
        "dateUpdated": "2026-07-09T19:26:01.748Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0285 (GCVE-0-2026-0285)

    Vulnerability from nvd – Published: 2026-07-09 18:58 – Updated: 2026-07-09 19:25
    VLAI
    Title
    PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface
    Summary
    A server-side request forgery (SSRF) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services. The security risk posed by this issue is minimized when the management interface is restricted to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .  Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0285",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:25:38.612302Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:25:44.255Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h11",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003col\u003e\u003cli\u003eDirectly; or\u003c/li\u003e\u003cli\u003eThrough a dataplane interface that includes a management interface profile.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eYou reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "The risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:\n\n\n\n\n\n  *  Directly; or\n  *  Through a dataplane interface that includes a management interface profile.\n\n\n\n\n\n\nYou reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h11",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003cspan\u003eA server-side request forgery (SSRF) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eThe security risk posed by this issue is minimized when the management interface is restricted to only trusted internal IP addresses according to our recommended\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003cspan\u003ebest practice deployment guidelines\u003c/span\u003e\u003c/a\u003e\u003cspan\u003e.\u0026nbsp;\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003ePanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability.\u003c/span\u003e\u003c/p\u003e"
                }
              ],
              "value": "A server-side request forgery (SSRF) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services.\n\n\n\nThe security risk posed by this issue is minimized when the management interface is restricted to only trusted internal IP addresses according to our recommended\u00a0 best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\u00a0\n\nPanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-664",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-664 Server-Side Request Forgery"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T18:58:14.563Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0285"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.5 through 12.1.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.11 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.8 through 11.2.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10-h11 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.5 through 11.2.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.14 through 11.1.15\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.11 through 11.1.13\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.8 through 11.1.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.7 through 11.1.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.5 through 11.1.6\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.17 through 10.2.18\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.14 through 10.2.16\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.11 through 10.2.13\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.8 through 10.2.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u0026nbsp;\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFW\nNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.11 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.8 through 11.2.10-h*\n                                Upgrade to 11.2.10-h11 or 11.2.13 or later.\n                            \n                                \n                                11.2.5 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.14 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.11 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.8 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.7 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.5 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.17 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \n                                \n                                10.2.14 through 10.2.16-h*\n                                Upgrade to 10.2.16-h9 or later.\n                            \n                                \n                                10.2.11 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n                            \n                                \n                                10.2.8 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n                            All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.Prisma Access\u00a0\nNo action needed."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e. Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003c/p\u003e\u003cp\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003c/p\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003c/a\u003e\u003cul\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003c/a\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ePalo Alto Networks LIVEcommunity article\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ePalo Alto Networks official and detailed technical documentation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510030 (from Applications and Threats content version 9122-10145 and later). For these Threat IDs to protect against attacks for this vulnerability:\u003c/p\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\"\u003e\u003c/a\u003e\u003cul\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\"\u003e\u003c/a\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\"\u003eRoute incoming traffic for the MGT port through a DP port\u003c/a\u003e\u0026nbsp;e.g., enabling management profile on a DP interface for management access\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c\"\u003eReplace the Certificate for Inbound Traffic Management\u003c/a\u003e.\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2\"\u003eDecrypt inbound traffic to the management interface\u003c/a\u003e\u0026nbsp;so the firewall can inspect it.\u003c/li\u003e\u003cli\u003eEnable threat prevention on the inbound traffic to management services.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003ePlease note that this Threat ID requires SSL Decryption.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\n\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n  https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431   https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431   *    https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431  Palo Alto Networks LIVEcommunity article https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 \n  *   Palo Alto Networks official and detailed technical documentation https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices \n\n\n\n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510030 (from Applications and Threats content version 9122-10145 and later). For these Threat IDs to protect against attacks for this vulnerability:\n\n  https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba   https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba   *    https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba  Route incoming traffic for the MGT port through a DP port https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba \u00a0e.g., enabling management profile on a DP interface for management access\n  *   Replace the Certificate for Inbound Traffic Management https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c .\n  *   Decrypt inbound traffic to the management interface https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2 \u00a0so the firewall can inspect it.\n  *  Enable threat prevention on the inbound traffic to management services.\n\n\n\n\nPlease note that this Threat ID requires SSL Decryption."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0285",
        "datePublished": "2026-07-09T18:58:14.563Z",
        "dateReserved": "2025-11-03T20:44:43.620Z",
        "dateUpdated": "2026-07-09T19:25:44.255Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0284 (GCVE-0-2026-0284)

    Vulnerability from nvd – Published: 2026-07-09 18:59 – Updated: 2026-07-09 19:25
    VLAI
    Title
    PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN)
    Summary
    An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data. Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.4-h8 (custom)
    Affected: 11.2.0 , < 11.2.4-h20 (custom)
    Affected: 11.1.0 , < 11.1.4-h35 (custom)
    Affected: 10.2.0 , < 10.2.7-h36 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0284",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:25:21.473868Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:25:27.319Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.4-h8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h12",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.4-h20",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.4-h35",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.7-h36",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This issue is applicable only to firewalls using Large Scale VPN (LSVPN) with configured satellites.\u003cbr\u003e\u003cbr\u003eTo check if your firewall has LSVPN satellites configured, run the following from the PAN-OS CLI:\u003cbr\u003e\u003ccode\u003eshow config running | match satellite\u003c/code\u003e\u003cbr\u003e\u003cbr\u003eIf output is returned, LSVPN is in use.\u003cbr\u003e\u003cp\u003eYou can also verify in the web interface by navigating to \u003cb\u003eNetwork \u0026gt; GlobalProtect \u0026gt; Portals\u003c/b\u003e, selecting each portal, and checking whether the \u003cb\u003eSatellite\u003c/b\u003e tab contains any \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/administration/large-scale-vpn-lsvpn/configure-the-globalprotect-portal-for-lsvpn/define-the-satellite-configurations\"\u003econfigured satellites\u003c/a\u003e.\u003c/p\u003e"
                }
              ],
              "value": "This issue is applicable only to firewalls using Large Scale VPN (LSVPN) with configured satellites.\n\nTo check if your firewall has LSVPN satellites configured, run the following from the PAN-OS CLI:\nshow config running | match satellite\n\nIf output is returned, LSVPN is in use.\n\n\nYou can also verify in the web interface by navigating to Network \u003e GlobalProtect \u003e Portals, selecting each portal, and checking whether the Satellite tab contains any  configured satellites https://docs.paloaltonetworks.com/ngfw/administration/large-scale-vpn-lsvpn/configure-the-globalprotect-portal-for-lsvpn/define-the-satellite-configurations ."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h12",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data.\u003cbr\u003e\u003cbr\u003ePanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
                }
              ],
              "value": "An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data.\n\nPanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-250",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-250 XML Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:L/SA:L/E:U/AU:N/R:A/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T18:59:57.586Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0284"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.5 through 12.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.11 through 11.2.12\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h12 or 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.14 through 11.1.15\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VersionMinor Version RangeSuggested SolutionCloud NGFW\nNo action needed.PAN-OS 12.112.1.5 through 12.1.7-h*Upgrade to 12.1.7-h2 or 12.1.8 or later.\n12.1.2 through 12.1.4-h*Upgrade to 12.1.4-h8 or 12.1.8 or later.PAN-OS 11.211.2.11 through 11.2.12Upgrade to 11.2.13 or later.\n11.2.8 through 11.2.10-h*Upgrade to 11.2.10-h12 or 11.2.13 or later.\n11.2.5 through 11.2.7-h*Upgrade to 11.2.7-h18 or 11.2.13 or later.\n11.2.0 through 11.2.4-h*Upgrade to 11.2.4-h20 or 11.2.13 or later.PAN-OS 11.111.1.14 through 11.1.15Upgrade to 11.1.16 or later.\n11.1.11 through 11.1.13-h*Upgrade to 11.1.13-h9 or 11.1.16 or later.\n11.1.8 through 11.1.10-h*Upgrade to 11.1.10-h30 or 11.1.16 or later.\n11.1.7 through 11.1.7-h*Upgrade to 11.1.7-h8 or 11.1.16 or later.\n11.1.5 through 11.1.6-h*Upgrade to 11.1.6-h35 or 11.1.16 or later.\n11.1.0 through 11.1.4-h*Upgrade to 11.1.4-h35 or 11.1.16 or later.PAN-OS 10.210.2.17 through 10.2.18-h*Upgrade to 10.2.18-h8 or later.\n10.2.14 through 10.2.16-h*Upgrade to 10.2.16-h9 or later.\n10.2.11 through 10.2.13-h*Upgrade to 10.2.13-h23 or later.\n10.2.8 through 10.2.10-h*Upgrade to 10.2.10-h39 or later.\n10.2.0 through 10.2.7-h*Upgrade to 10.2.7-h36 or later.All other older\nunsupported\nPAN-OS versions\nUpgrade to a supported fixed version.Prisma Access\nNo action needed."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN)",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No known workarounds exist for this issue.\u003cbr\u003e\u003cbr\u003eCustomers with a Threat Prevention subscription are provided with limited coverage against this vulnerability by enabling Threat ID 510031 (from Applications and Threats content version\u0026nbsp;9122-10145 and later).\u003cbr\u003e\u003cp\u003eTo ensure the Threat ID provides effective protection against this vulnerability, ensure that \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184\"\u003evulnerability protection security profile is applied to your GlobalProtect interface\u003c/a\u003e.\u003c/p\u003e"
                }
              ],
              "value": "No known workarounds exist for this issue.\n\nCustomers with a Threat Prevention subscription are provided with limited coverage against this vulnerability by enabling Threat ID 510031 (from Applications and Threats content version\u00a09122-10145 and later).\n\n\nTo ensure the Threat ID provides effective protection against this vulnerability, ensure that  vulnerability protection security profile is applied to your GlobalProtect interface https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184 ."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_faq": [
            {
              "answer": "Limited coverage in Threat Prevention means that while known attack patterns can be identified using the current Threat ID, variations may exist that cannot currently be detected. If this CVE and Required Configuration for Exposure impact your environment, we recommend upgrading to an unaffected version.",
              "question": "Why do Threat Prevention signatures provide limited coverage?"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0284",
        "datePublished": "2026-07-09T18:59:57.586Z",
        "dateReserved": "2025-11-03T20:44:42.748Z",
        "dateUpdated": "2026-07-09T19:25:27.319Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0283 (GCVE-0-2026-0283)

    Vulnerability from nvd – Published: 2026-07-09 19:01 – Updated: 2026-07-09 19:25
    VLAI
    Title
    PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)
    Summary
    An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    Vaibhav Nagar (internal reporter) and our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0283",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:24:57.850143Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:25:07.889Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h12",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThis issue is applicable only to firewalls using Large Scale VPN (LSVPN) with configured satellites.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eTo check if your firewall has LSVPN satellites configured, run the following from the PAN-OS CLI:\u003cbr\u003e\u003c/p\u003eshow config running | match satellite\u003cp\u003eIf output is returned, LSVPN is in use.\u003c/p\u003e\u003cp\u003eYou can also verify in the web interface by navigating to\u0026nbsp;\u003cb\u003eNetwork\u003c/b\u003e\u003cb\u003e \u0026gt; \u003c/b\u003e\u003cb\u003eGlobalProtect\u003c/b\u003e\u003cb\u003e \u0026gt; \u003c/b\u003e\u003cb\u003ePortals\u003c/b\u003e, selecting each portal, and checking whether the Satellite tab contains any\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/administration/large-scale-vpn-lsvpn/configure-the-globalprotect-portal-for-lsvpn/define-the-satellite-configurations\"\u003econfigured satellites\u003c/a\u003e.\u003c/p\u003e"
                }
              ],
              "value": "This issue is applicable only to firewalls using Large Scale VPN (LSVPN) with configured satellites.\n\n\n\n\nTo check if your firewall has LSVPN satellites configured, run the following from the PAN-OS CLI:\n\n\nshow config running | match satellite\n\nIf output is returned, LSVPN is in use.\n\n\n\nYou can also verify in the web interface by navigating to\u00a0Network \u003e GlobalProtect \u003e Portals, selecting each portal, and checking whether the Satellite tab contains any\u00a0 configured satellites https://docs.paloaltonetworks.com/ngfw/administration/large-scale-vpn-lsvpn/configure-the-globalprotect-portal-for-lsvpn/define-the-satellite-configurations ."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h12",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Vaibhav Nagar (internal reporter)  and our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection.\u003cbr\u003e\u003cbr\u003ePanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
                }
              ],
              "value": "An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection.\n\nPanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 4.5,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:L/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T19:01:34.210Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0283"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW All\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.5 through 12.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.11 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10-h12 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.14 through 11.1.15\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access All\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFW All\nNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.11 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.8 through 11.2.10-h*\n                                Upgrade to 11.2.10-h12 or 11.2.13 or later.\n                            \n                                \n                                11.2.5 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.14 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.11 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.8 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.7 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.5 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.17 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \n                                \n                                10.2.14 through 10.2.16-h*\n                                Upgrade to 10.2.16-h9 or later.\n                            \n                                \n                                10.2.11 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n                            \n                                \n                                10.2.8 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n                            All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.Prisma Access All\nNo action needed."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eCustomers with a Threat Prevention subscription are provided with limited coverage against this vulnerability when enabling Threat ID 510032 (from Applications and Threats content version\u0026nbsp;9122-10145 and later).\u0026nbsp;\u003cbr\u003e\u003cbr\u003eTo ensure the Threat ID provides effective protection against this vulnerability, ensure that \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184\"\u003evulnerability protection security profile is applied to your GlobalProtect interface\u003c/a\u003e.\u003c/p\u003e"
                }
              ],
              "value": "Customers with a Threat Prevention subscription are provided with limited coverage against this vulnerability when enabling Threat ID 510032 (from Applications and Threats content version\u00a09122-10145 and later).\u00a0\n\nTo ensure the Threat ID provides effective protection against this vulnerability, ensure that  vulnerability protection security profile is applied to your GlobalProtect interface https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184 ."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7-h1",
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h7",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h10",
            "PAN-OS 11.2.10-h9",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h17",
            "PAN-OS 11.2.7-h16",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h18",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h8",
            "PAN-OS 11.1.13-h7",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h28",
            "PAN-OS 11.1.10-h27",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h34",
            "PAN-OS 11.1.6-h33",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h34",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h7",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h8",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h22",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h37",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h35",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0283",
        "datePublished": "2026-07-09T19:01:34.210Z",
        "dateReserved": "2025-11-03T20:44:41.929Z",
        "dateUpdated": "2026-07-09T19:25:07.889Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0282 (GCVE-0-2026-0282)

    Vulnerability from nvd – Published: 2026-07-09 19:02 – Updated: 2026-07-09 19:24
    VLAI
    Title
    PAN-OS: File Deletion Vulnerability in Management Web Interface
    Summary
    A file deletion vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory. The security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0282",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:24:34.179840Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:24:40.688Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No special configuration is required to be affected by this issue."
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A file deletion vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory.\u003cbr\u003e\u003cbr\u003eThe security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e.\u003cbr\u003e\u003cbr\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003cbr\u003e\u003cbr\u003eCloud NGFW and Prisma\u00ae Access are not impacted by this vulnerability."
                }
              ],
              "value": "A file deletion vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory.\n\nThe security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-165",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-165 File Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 1.2,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting management access to a jump box that is the only system allowed to access the management interface."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T19:02:26.722Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0282"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version Range\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW All\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.0 through 12.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.15-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16 or 11.2.13 or 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access All\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "Version\nMinor Version Range\nSuggested Solution\nCloud NGFW All\nNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.0 through 12.1.7-h*\n                                Upgrade to 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.0 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.0 through 11.1.15-h*\n                                Upgrade to 11.1.16 or later.\n                            PAN-OS 10.210.2.0 through 10.2*Upgrade to 11.1.16 or 11.2.13 or 12.1.8 or later.All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.Prisma Access All\nNo action needed."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: File Deletion Vulnerability in Management Web Interface",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e. Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003cbr\u003e\u003cbr\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ePalo Alto Networks LIVEcommunity article\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ePalo Alto Networks official and detailed technical documentation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:  *   Palo Alto Networks LIVEcommunity article https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 \n  *   Palo Alto Networks official and detailed technical documentation https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices"
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0282",
        "datePublished": "2026-07-09T19:02:26.722Z",
        "dateReserved": "2025-11-03T20:44:41.184Z",
        "dateUpdated": "2026-07-09T19:24:40.688Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0281 (GCVE-0-2026-0281)

    Vulnerability from nvd – Published: 2026-07-09 19:03 – Updated: 2026-07-09 19:24
    VLAI
    Title
    PAN-OS: Information Disclosure Vulnerability in Management Web Interface
    Summary
    An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker. The security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-524 - Use of Cache Containing Sensitive Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0281",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:24:10.424243Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:24:18.136Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No special configuration is required to be affected by this issue."
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An information disclosure vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker.\u003cbr\u003e\u003cbr\u003eThe security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e.\u003cbr\u003e\u003cbr\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003cbr\u003e\u003cbr\u003eCloud NGFW and Prisma\u00ae Access are not impacted by this vulnerability."
                }
              ],
              "value": "An information disclosure vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker.\n\nThe security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-141",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-141 Cache Poisoning"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 2.1,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 1.7,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-524",
                  "description": "CWE-524 Use of Cache Containing Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T19:03:44.381Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0281"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.12\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.15-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16, 11.2.13, 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VersionMinor Version RangeSuggested SolutionCloud NGFW\nNo action needed.PAN-OS 12.112.1.2 through 12.1.7-h*Upgrade to 12.1.8 or later.PAN-OS 11.211.2.0 through 11.2.12Upgrade to 11.2.13 or later.PAN-OS 11.111.1.0 through 11.1.15-h*Upgrade to 11.1.16 or later.PAN-OS 10.210.2.0 through 10.2*Upgrade to 11.1.16, 11.2.13, 12.1.8 or later.All older\nunsupported\nPAN-OS versions\nUpgrade to a supported fixed version.Prisma Access\nNo action needed."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "PAN-OS: Information Disclosure Vulnerability in Management Web Interface",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e. Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003cbr\u003e\u003cbr\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ePalo Alto Networks LIVEcommunity article\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ePalo Alto Networks official and detailed technical documentation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n * Palo Alto Networks LIVEcommunity article (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431)\n * Palo Alto Networks official and detailed technical documentation (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices)"
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0281",
        "datePublished": "2026-07-09T19:03:44.381Z",
        "dateReserved": "2025-11-03T20:44:40.071Z",
        "dateUpdated": "2026-07-09T19:24:18.136Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0280 (GCVE-0-2026-0280)

    Vulnerability from nvd – Published: 2026-07-09 19:05 – Updated: 2026-07-09 19:23
    VLAI
    Title
    PAN-OS: IPv6 Firewall Policy Bypass
    Summary
    An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-131 - Incorrect Calculation of Buffer Size
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Panorama Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks Prisma Access Affected: 11.2.0 , < 11.2.7-h18 (custom)
    Affected: 10.2.0 , < 10.2.10-h39 (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    Curious of TRAPA Security
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0280",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:23:50.545835Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:23:56.125Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h11",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Panorama",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.7-h18",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.10-h39",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This issue applies to PAN-OS firewalls with IPv6 enabled on one or more interfaces.\u003cbr\u003e\u003cbr\u003eYou can verify IPv6 is enabled by checking:\u003cbr\u003e\u2003Network -\u0026gt; Interfaces -\u0026gt; [Interface with Layer3 type] -\u0026gt; IPv6 \u0026gt; Enable IPv6 on the interface"
                }
              ],
              "value": "This issue applies to PAN-OS firewalls with IPv6 enabled on one or more interfaces.\n\nYou can verify IPv6 is enabled by checking:\n\u2003Network -\u003e Interfaces -\u003e [Interface with Layer3 type] -\u003e IPv6 \u003e Enable IPv6 on the interface"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h11",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Curious of TRAPA Security"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services.\u003cbr\u003e\u003cbr\u003eCloud NGFW and Panorama are not impacted by this vulnerability."
                }
              ],
              "value": "An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services.\n\nCloud NGFW and Panorama are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-153",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-153 Input Data Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 1.7,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/AU:Y/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-131",
                  "description": "CWE-131 Incorrect Calculation of Buffer Size",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T19:05:24.367Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0280"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.5 through 12.1.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.11 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.8 through 11.2.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10-h11 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.5 through 11.2.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.14 through 11.1.15\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.11 through 11.1.13\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.8 through 11.1.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.7 through 11.1.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.5 through 11.1.6\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.17 through 10.2.18\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.14 through 10.2.16\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.11 through 10.2.13\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.8 through 10.2.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 11.2\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.7\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h18 or later.*\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.10\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h39 or later.*\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e* See the note under Product Status for information regarding Prisma Access upgrades."
                }
              ],
              "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFW\nNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.11 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.8 through 11.2.10-h*\n                                Upgrade to 11.2.10-h11 or 11.2.13 or later.\n                            \n                                \n                                11.2.5 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.14 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.11 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.8 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.7 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.5 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.17 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \n                                \n                                10.2.14 through 10.2.16-h*\n                                Upgrade to 10.2.16-h9 or later.\n                            \n                                \n                                10.2.11 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n                            \n                                \n                                10.2.8 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n                            All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.Prisma Access 11.2\n11.2.0 through 11.2.7Upgrade to 11.2.7-h18 or later.*Prisma Access 10.210.2.0 through 10.2.10Upgrade to 10.2.10-h39 or later.*\n\n* See the note under Product Status for information regarding Prisma Access upgrades."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial Publication"
            }
          ],
          "title": "PAN-OS: IPv6 Firewall Policy Bypass",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe only way to completely address this vulnerability is to upgrade to a fixed version. However, if operationally feasible for your environment, risk can be mitigated by enabling the default \"Non SYN TCP Reject\" setting via the following command:\u2003\u003c/p\u003e\u2003set deviceconfig setting session tcp-reject-non-syn yes"
                }
              ],
              "value": "The only way to completely address this vulnerability is to upgrade to a fixed version. However, if operationally feasible for your environment, risk can be mitigated by enabling the default \"Non SYN TCP Reject\" setting via the following command:\u2003\n\n\u2003set deviceconfig setting session tcp-reject-non-syn yes"
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0280",
        "datePublished": "2026-07-09T19:05:24.367Z",
        "dateReserved": "2025-11-03T20:44:39.119Z",
        "dateUpdated": "2026-07-09T19:23:56.125Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0279 (GCVE-0-2026-0279)

    Vulnerability from nvd – Published: 2026-07-09 19:08 – Updated: 2026-07-09 19:23
    VLAI
    Title
    PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities
    Summary
    Multiple cross site scripting vulnerabilities in the User-ID™ Authentication Portal (aka Captive Portal) service, GlobalProtect™ gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS® software enables a malicious unauthenticated user to store or execute malicious JavaScript payload. The security risk posed by this issue is minimized when the management interface and access to the User-ID™ Authentication Portal is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW is not affected by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 (custom)
    Affected: 10.2.0 (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0279",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:23:35.978278Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:23:42.200Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "affected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No special configuration is required to be affected by this issue."
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple cross site scripting vulnerabilities in the User-ID\u2122 Authentication Portal (aka Captive Portal) service, GlobalProtect\u2122 gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS\u00ae software enables a malicious unauthenticated user to store or execute malicious JavaScript payload.\u003cbr\u003e\u003cp\u003e\u003cspan\u003eThe security risk posed by this issue is minimized when the management interface and access to the User-ID\u2122 Authentication Portal is restricted to only trusted internal IP addresses according to our recommended\u003c/span\u003e \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003cspan\u003ebest practice deployment guidelines\u003c/span\u003e\u003c/a\u003e\u003cspan\u003e.\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003c/span\u003e\u003cb\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003cspan\u003eCloud NGFW is not affected by this vulnerability.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "Multiple cross site scripting vulnerabilities in the User-ID\u2122 Authentication Portal (aka Captive Portal) service, GlobalProtect\u2122 gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS\u00ae software enables a malicious unauthenticated user to store or execute malicious JavaScript payload.\n\n\nThe security risk posed by this issue is minimized when the management interface and access to the User-ID\u2122 Authentication Portal is restricted to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW is not affected by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 1.3,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 1.2,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 0.4,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk of exploitation is lower for Prisma Access as it requires an authenticated user and the external network access to the management interface is restricted."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T19:08:41.656Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0279"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.8\u0026nbsp; or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.12\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.15-h*\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16\u0026nbsp; or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16, 11.2.13, 12.1.8  or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;Prisma Access 12.1\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.7-h*\u003c/td\u003e\u003ctd\u003e\u0026nbsp;Upgrade to 12.1.8  or later.*\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 11.2\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.8 or later.*\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.8 or later.*\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e* See the note under Product Status for information regarding Prisma Access upgrades."
                }
              ],
              "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFW\nNo action needed.PAN-OS 12.112.1.2 through 12.1.7-h*Upgrade to 12.1.8\u00a0 or later.PAN-OS 11.211.2.0 through 11.2.12Upgrade to 11.2.13 or later.PAN-OS 11.111.1.0 through 11.1.15-h*\nUpgrade to 11.1.16\u00a0 or later.PAN-OS 10.210.2.0 through 10.2*Upgrade to 11.1.16, 11.2.13, 12.1.8  or later.All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.\u00a0Prisma Access 12.112.1.2 through 12.1.7-h*\u00a0Upgrade to 12.1.8  or later.*Prisma Access 11.211.2.0 through 11.2*Upgrade to 12.1.8 or later.*Prisma Access 10.210.2.0 through 10.2*Upgrade to 12.1.8 or later.*\n* See the note under Product Status for information regarding Prisma Access upgrades."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T20:30:00.000Z",
              "value": "Updated the Unaffected version for Prisma Access."
            },
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e.\u0026nbsp;Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003c/p\u003e\u003cp\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003c/p\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003c/a\u003e\u003cul\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003c/a\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ePalo Alto Networks LIVEcommunity article\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ePalo Alto Networks official and detailed technical documentation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\u00a0Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\n\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n  https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431   https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431   *    https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431  Palo Alto Networks LIVEcommunity article https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 \n  *   Palo Alto Networks official and detailed technical documentation https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices"
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0279",
        "datePublished": "2026-07-09T19:08:41.656Z",
        "dateReserved": "2025-11-03T20:44:38.280Z",
        "dateUpdated": "2026-07-09T19:23:42.200Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0288 (GCVE-0-2026-0288)

    Vulnerability from nvd – Published: 2026-07-08 20:14 – Updated: 2026-07-09 18:48
    VLAI
    Title
    PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent
    Summary
    Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic. The security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only. . Panorama is not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.7-h36 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Affected: 11.2.0 , < 11.2.7-h18 (custom)
    Affected: 10.2.0 , < 10.2.10-h39 (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    Liang Zhu
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0288",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T03:55:51.922548Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:54:42.864Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "AWS",
                "Azure"
              ],
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h12",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.7-h36",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.7-h18",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.10-h39",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003cspan\u003eThis issue only affects PAN-OS devices with at least one Terminal Server Agent (TSA) entry configured\u003c/span\u003e\u003cb\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003cspan\u003eTo check if a PAN-OS device has a Terminal Server Agent configured, navigate to:\u003c/span\u003e\u003cb\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/help/12-1/user-identification/device-user-identification-terminal-services-agents\"\u003e\u003cspan\u003eDevice \u0026gt; User Identification \u0026gt; Terminal Server Agents\u003c/span\u003e\u003c/a\u003e\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "This issue only affects PAN-OS devices with at least one Terminal Server Agent (TSA) entry configured\n\nTo check if a PAN-OS device has a Terminal Server Agent configured, navigate to:\n\n Device \u003e User Identification \u003e Terminal Server Agents https://docs.paloaltonetworks.com/ngfw/help/12-1/user-identification/device-user-identification-terminal-services-agents"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h12",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Liang Zhu"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMultiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic.\u003cb\u003e\u003cbr\u003e\u003cbr\u003e\u003c/b\u003eThe security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only.\"\u003e best practice deployment guidelines\u003c/a\u003e.\u003cb\u003e\u003cbr\u003e\u003cbr\u003e\u003c/b\u003e\u003cspan\u003ePanorama is not impacted by this vulnerability.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic.\n\nThe security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only. .\n\nPanorama is not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-100",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-100 Overflow Buffers"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:U/AU:N/R:U/V:D/RE:M/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you configure the User-ID Terminal Server Agent (TSA) IP and port access from the Internet or any untrusted network."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "ADJACENT",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting User-ID Terminal Server Agent (TSA) IP and port access to only trusted internal IP addresses and preventing its exposure to the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "ADJACENT",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk of exploitation is lower for Prisma Access as it requires an authenticated user and the external network access to the User-ID Terminal Server Agent (TSA) IP and port is restricted."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T18:48:32.880Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2026-PAN-323400",
              "url": "https://security.paloaltonetworks.com/"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.5 through 12.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10-h12 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.15\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.6-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.18-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003cbr\u003e\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003cbr\u003e\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003cbr\u003e\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePrisma Access 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.7\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or later.*\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePrisma Access 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.10\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.*\u003cbr\u003e\u003c/td\u003e\n                            \u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e* See the note under Product Status for information regarding Prisma Access upgrades."
                }
              ],
              "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFWNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.0 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.10-h*\n                                Upgrade to 11.2.10-h12 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.0 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.0 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \u00a010.2.0 through 10.2.16-h*Upgrade to 10.2.16-h9 or later.\n                                \n                                10.2.0 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n\n                            \n                                \n                                10.2.0 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n\n                            All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.\n                                Prisma Access 11.2\n\n                                11.2.0 through 11.2.7\n                                Upgrade to 11.2.7-h18 or later.*\n                            \n                                Prisma Access 10.2\n\n                                10.2.0 through 10.2.10\n                                Upgrade to 10.2.10-h39 or later.*\n\n                            \n* See the note under Product Status for information regarding Prisma Access upgrades."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you restrict your User-ID Terminal Server Agent connectivity to only trusted internal IP addresses according to our\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only.\"\u003ebest practice deployment guidelines\u003c/a\u003e\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you restrict your User-ID Terminal Server Agent connectivity to only trusted internal IP addresses according to our\u00a0 best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0288",
        "datePublished": "2026-07-08T20:14:32.405Z",
        "dateReserved": "2025-11-03T20:44:46.432Z",
        "dateUpdated": "2026-07-09T18:48:32.880Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0273 (GCVE-0-2026-0273)

    Vulnerability from nvd – Published: 2026-06-10 21:01 – Updated: 2026-06-11 10:17
    VLAI
    Title
    PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI
    Summary
    A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not affected by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.4-h7 (custom)
    Affected: 11.2.0 , < 11.2.4-h18 (custom)
    Affected: 11.1.0 , < 11.1.4-h34 (custom)
    Affected: 10.2.0 , < 10.2.7-h35 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-06-10 16:00
    Credits
    Visa Inc. (external reporter), Rotem Bar (internal reporter), and Deep Product Security Research Team (internal reporter)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0273",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-11T03:55:36.838015Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-11T10:17:28.325Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.4-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.4-h7",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.4-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.12",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.4-h18",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.4-h34",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h33",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h27",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.15",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.4-h34",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.7-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h37",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h22",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.18-h7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.7-h35",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No special configuration is required to be affected by this issue."
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h7",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h18",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h16",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h9",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.12",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h34",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h33",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h7",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h27",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h7",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.15",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h35",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h37",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h22",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h8",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h7",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Visa Inc. (external reporter), Rotem Bar (internal reporter), and Deep Product Security Research Team (internal reporter)"
            }
          ],
          "datePublic": "2026-06-10T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A command injection vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI.\u003cbr\u003e\u003cbr\u003eThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e.\u003cbr\u003e\u003cbr\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003cbr\u003e\u003cbr\u003eCloud NGFW and Prisma\u00ae Access are not affected by this vulnerability."
                }
              ],
              "value": "A command injection vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI.\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW and Prisma\u00ae Access are not affected by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet. Our recommendation is to remediate as soon as possible."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T21:01:45.198Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0273"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.5 through 12.1.6\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.7 or later.\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e\u003cspan\u003e12.1.2 through 12.1.4-h*\u003c/span\u003e\u003c/td\u003e\u003ctd\u003e\u003cspan\u003eUpgrade to 12.1.4-h7 or 12.1.7 or later.\u003c/span\u003e\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cspan\u003ePAN-OS 11.2\u003c/span\u003e\u003c/td\u003e\u003ctd\u003e11.2.11 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.12 or later.\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h9 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h16 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h18 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cspan\u003ePAN-OS 11.1\u003c/span\u003e\u003c/td\u003e\u003ctd\u003e11.1.14 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.15 or later.\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h7 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h27 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.7-h7 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h33 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h34 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.17 or later\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h8 or 10.2.18-h7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h22 or 10.2.18-h7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h37 or 10.2.18-h7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h35 or 10.2.18-h7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VERSION           MINOR VERSION RANGE          SUGGESTED SOLUTION\nCloud NGFW                                     No action needed.\nPAN-OS 12.1       12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n\u00a0                 12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h7 or 12.1.7 or later.\nPAN-OS 11.2       11.2.11 or later             Upgrade to 11.2.12 or later.\n                  11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h9 or 11.2.12 or later.\n                  11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h16 or 11.2.12 or later.\n                  11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h18 or 11.2.12 or later.\nPAN-OS 11.1       11.1.14 or later             Upgrade to 11.1.15 or later.\n                  11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h7 or 11.1.15 or later.\n\u00a0                 11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h27 or 11.1.15 or later.\n                  11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h7 or 11.1.15 or later.\n                  11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h33 or 11.1.15 or later.\n                  11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h34 or 11.1.15 or later.\nPAN-OS 10.2       10.2.17 or later             Upgrade to 10.2.18-h7 or later.\n                  10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h8 or 10.2.18-h7 or later.\n                  10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h22 or 10.2.18-h7 or later.\n                  10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h37 or 10.2.18-h7 or later.\n                  10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h35 or 10.2.18-h7 or later.\nAll other older                                Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access                                  No action needed."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-10T16:00:00.000Z",
              "value": "Initial Publication"
            }
          ],
          "title": "PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003cspan\u003eThe vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not done so already, we strongly recommend that you secure access to your management interface according to our \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/critical-recommendations-for-deployment-guides-how-to-secure-the/ba-p/464431\"\u003e\u003cspan\u003ebest practice deployment guidelines\u003c/span\u003e\u003c/a\u003e\u003cspan\u003e. Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003c/span\u003e\u003cb\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003cspan\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003c/span\u003e\u003cb\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003cspan\u003ePalo Alto Networks LIVEcommunity article\u003c/span\u003e\u003c/a\u003e\u003cb\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/a\u003e\u003c/b\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003e\u003cspan\u003ePalo Alto Networks official and detailed technical documentation\u003c/span\u003e\u003c/a\u003e\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not done so already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/critical-recommendations-for-deployment-guides-how-to-secure-the/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\nPalo Alto Networks LIVEcommunity article (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431)\n\nhttps://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431Palo Alto Networks official and detailed technical documentation (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices)"
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0273",
        "datePublished": "2026-06-10T21:01:45.198Z",
        "dateReserved": "2025-11-03T20:44:32.837Z",
        "dateUpdated": "2026-06-11T10:17:28.325Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0272 (GCVE-0-2026-0272)

    Vulnerability from nvd – Published: 2026-06-10 21:01 – Updated: 2026-06-11 10:17
    VLAI
    Title
    PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)
    Summary
    A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.4-h7 (custom)
    Affected: 11.2.0 , < 11.2.4-h18 (custom)
    Affected: 11.1.0 , < 11.1.4-h34 (custom)
    Affected: 10.2.0 , < 10.2.7-h35 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-06-10 16:00
    Credits
    Palo Alto Networks thanks an external reporter, Frigo, for discovering and reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0272",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-11T03:55:35.701340Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-11T10:17:40.792Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.4-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.4-h7",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.4-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.11",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.4-h18",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.4-h34",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h33",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h27",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.14",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.4-h34",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.7-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h37",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h22",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.18-h5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.7-h35",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eNo special configuration is required to be affected by this issue.\u003c/p\u003e"
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h7",
                      "versionStartIncluding": "12.1.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h18",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h16",
                      "versionStartIncluding": "11.2.5",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h9",
                      "versionStartIncluding": "11.2.8",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.11",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h34",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h33",
                      "versionStartIncluding": "11.1.5",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h7",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h27",
                      "versionStartIncluding": "11.1.8",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h7",
                      "versionStartIncluding": "11.1.11",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.14",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h35",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h37",
                      "versionStartIncluding": "10.2.8",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h22",
                      "versionStartIncluding": "10.2.11",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h8",
                      "versionStartIncluding": "10.2.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h5",
                      "versionStartIncluding": "10.2.17",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "other",
              "value": "Palo Alto Networks thanks an external reporter, Frigo, for discovering and reporting this issue."
            }
          ],
          "datePublic": "2026-06-10T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA privilege escalation vulnerability in Palo Alto Networks PAN-OS\u00ae software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges.\u003c/p\u003e\u003cp\u003eThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003cbr\u003e\u003cbr\u003eCloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability.\u003c/p\u003e"
                }
              ],
              "value": "A privilege escalation vulnerability in Palo Alto Networks PAN-OS\u00ae software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges.\n\n\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\n\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862 Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T21:01:10.714Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0272"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.4-h7 or 12.1.5 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h9 or 11.2.11 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h16 or 11.2.11 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h18 or 11.2.11 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h7 or 11.1.14 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h27 or 11.1.14 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h33 or 11.1.14 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h34 or 11.1.14 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h5 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h8 or 10.2.18-h5 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h22 or 10.2.18-h5 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h37 or 10.2.18-h5 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h35 or 10.2.18-h5 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VERSION           MINOR VERSION RANGE          SUGGESTED SOLUTION\nCloud NGFW                                     No action needed.\nPAN-OS 12.1       12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h7 or 12.1.5 or later.\nPAN-OS 11.2       11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h9 or 11.2.11 or later.\n                  11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h16 or 11.2.11 or later.\n                  11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h18 or 11.2.11 or later.\nPAN-OS 11.1       11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h7 or 11.1.14 or later.\n                  11.1.7 through 11.1.10-h*    Upgrade to 11.1.10-h27 or 11.1.14 or later.\n                  11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h33 or 11.1.14 or later.\n                  11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h34 or 11.1.14 or later.\nPAN-OS 10.2       10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h5 or later.\n                  10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h8 or 10.2.18-h5 or later.\n                  10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h22 or 10.2.18-h5 or later.\n                  10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h37 or 10.2.18-h5 or later.\n                  10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h35 or 10.2.18-h5 or later.\nAll other older                                Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access                                  No action needed."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-10T16:00:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e. Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003c/p\u003e\u003cp\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ePalo Alto Networks LIVEcommunity article\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ePalo Alto Networks official and detailed technical documentation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n * Palo Alto Networks LIVEcommunity article (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431)\n * Palo Alto Networks official and detailed technical documentation (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices)"
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0272",
        "datePublished": "2026-06-10T21:01:10.714Z",
        "dateReserved": "2025-11-03T20:44:31.995Z",
        "dateUpdated": "2026-06-11T10:17:40.792Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0269 (GCVE-0-2026-0269)

    Vulnerability from nvd – Published: 2026-06-10 20:54 – Updated: 2026-06-11 13:55
    VLAI
    Title
    PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing
    Summary
    A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-754 - Improper Check for Unusual or Exceptional Conditions
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.5 (custom)
    Affected: 11.2.0 , < 11.2.10 (custom)
    Affected: 11.1.0 , < 11.1.6-h21 (custom)
    Affected: 10.2.0 , < 10.2.16-h6 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Panorama Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-06-10 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0269",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-11T13:55:39.388734Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-11T13:55:47.585Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.5",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.5",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.10",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h4",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h17",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.10",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.12",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h21",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h33",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.6-h21",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h6",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h21",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h36",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h34",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.16-h6",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Panorama",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This vulnerability affects PAN-OS firewalls configured with one or more of the following:\u003cbr\u003e\u003cul\u003e\u003cli\u003eIPSec Tunnels\u003c/li\u003e\u003cli\u003eGlobalProtect Gateways (Remote Access)\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "This vulnerability affects PAN-OS firewalls configured with one or more of the following:\n\n * IPSec Tunnels\n * GlobalProtect Gateways (Remote Access)"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.5",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h5",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h4",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h17",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.12",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h7",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h21",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h33",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h6",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h21",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h36",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h34",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "datePublic": "2026-06-10T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003cspan\u003eA memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS\u00ae software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003ePanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability.\u003c/span\u003e\u003c/p\u003e"
                }
              ],
              "value": "A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS\u00ae software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.\n\n\n\nPanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-153",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-153 Input Data Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-754",
                  "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T20:54:29.102Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0269"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h5 or 12.1.5 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.8 through 11.2.9\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h4 or 11.2.10 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h17 or 11.2.10 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.11 or later\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.12 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h7 or 11.1.12 or later.\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h21 or 11.1.12 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h33 or 11.1.12 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.17 or later\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.4 through 10.2.16-h*\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h6 or 10.2.18 or later.\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h21 or 10.2.18 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h36 or 10.2.18 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h34 or 10.2.18 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePanorama\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePrisma Access\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003eNo action needed.\u003c/td\u003e\n                            \u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VERSION           MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW                                     No action needed.\nPAN-OS 12.1       12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.5 or later.\nPAN-OS 11.2       11.2.8 through 11.2.9        Upgrade to 11.2.10 or later.\n                  11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h4 or 11.2.10 or later.\n                  11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.10 or later.\nPAN-OS 11.1       11.1.11 or later             Upgrade to 11.1.12 or later.\n\u00a0                 11.1.7 through 11.1.10-h*    Upgrade to 11.1.10-h7 or 11.1.12 or later.\n                  11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h21 or 11.1.12 or later.\n                  11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.12 or later.\nPAN-OS 10.2       10.2.17 or later             Upgrade to 10.2.18 or later.\n\u00a0                 10.2.4 through 10.2.16-h*    Upgrade to 10.2.16-h6 or 10.2.18 or later.\n                  10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18 or later.\n                  10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18 or later.\n                  10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18 or later.\nAll older         \u00a0                            Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPanorama          \u00a0                            No action needed.\nPrisma Access                                  No action needed."
            }
          ],
          "source": {
            "discovery": "USER"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-10T16:00:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No known workarounds exist for this issue."
                }
              ],
              "value": "No known workarounds exist for this issue."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0269",
        "datePublished": "2026-06-10T20:54:29.102Z",
        "dateReserved": "2025-11-03T20:44:29.323Z",
        "dateUpdated": "2026-06-11T13:55:47.585Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0266 (GCVE-0-2026-0266)

    Vulnerability from nvd – Published: 2026-06-10 20:30 – Updated: 2026-06-11 14:36
    VLAI
    Title
    PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
    Summary
    A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not affected by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.5 (custom)
    Affected: 11.2.0 , < 11.2.11 (custom)
    Affected: 11.1.0 , < 11.1.14 (custom)
    Affected: 10.2.0 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-06-10 16:00
    Credits
    Palo Alto Networks thanks Rajnish Gupta (internal reporter), James Otten (internal reporter), and Jasper Westerman of REQON B.V. for discovering and reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0266",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-11T14:34:49.983330Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-11T14:36:48.227Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.5",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.11",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.11",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.14",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.14",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eNo special configuration is required to be affected by this issue.\u003c/p\u003e"
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.5",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.11",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.14",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "other",
              "value": "Palo Alto Networks thanks Rajnish Gupta (internal reporter), James Otten (internal reporter), and Jasper Westerman of REQON B.V. for discovering and reporting this issue."
            }
          ],
          "datePublic": "2026-06-10T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS\u00ae software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. \u003cbr\u003e\u003cbr\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003cbr\u003e\u003cbr\u003eCloud NGFW and Prisma\u00ae Access are not affected by this vulnerability."
                }
              ],
              "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS\u00ae software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. \n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW and Prisma\u00ae Access are not affected by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592 Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 1.1,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 0.4,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can greatly reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T20:30:04.127Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0266"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.5 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.10\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.11 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.13\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.14 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.18\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.14, 11.2.11, 12.1.5 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VERSION           MINOR VERSION            SUGGESTED SOLUTION\nCloud NGFW                                 No action needed.\nPAN-OS 12.1       12.1.2 through 12.1.4    Upgrade to 12.1.5 or later.\nPAN-OS 11.2       11.2.0 through 11.2.10   Upgrade to 11.2.11 or later.\nPAN-OS 11.1       11.1.0 through 11.1.13   Upgrade to 11.1.14 or later.\nPAN-OS 10.2       10.2.0 through 10.2.18   Upgrade to 11.1.14, 11.2.11, 12.1.5 or later.\nAll older         \u00a0                        Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access                              No action needed."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-10T16:00:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eNo known workarounds or mitigations exist for this issue.\u003c/p\u003e"
                }
              ],
              "value": "No known workarounds or mitigations exist for this issue."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0266",
        "datePublished": "2026-06-10T20:30:04.127Z",
        "dateReserved": "2025-11-03T20:44:26.433Z",
        "dateUpdated": "2026-06-11T14:36:48.227Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0262 (GCVE-0-2026-0262)

    Vulnerability from nvd – Published: 2026-05-13 17:49 – Updated: 2026-06-09 09:02
    VLAI
    Title
    PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing
    Summary
    Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic. Panorama and Cloud NGFW are not impacted by these vulnerabilities.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-754 - Improper Check for Unusual or Exceptional Conditions
    Assigner
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.7, 12.1.4-h5 (custom)
    Affected: 11.2.0 , < 11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17 (custom)
    Affected: 11.1.0 , < 11.1.15, 11.1.13-h5, 11.1.10-h25, 11.1.7-h6, 11.1.6-h32, 11.1.4-h33 (custom)
    Affected: 10.2.0 , < 10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Affected: 10.2.0 , < 10.2.10-h36 (custom)
    Affected: 11.2.0 , < 11.2.7-h13 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM APE1808 Affected: 0 , < * (custom)
    Create a notification for this product.
    Date Public
    2026-05-13 16:00
    Credits
    Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0262",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T18:48:50.434924Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T18:49:05.116Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM APE1808",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T09:02:46.762Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-967325.html"
              }
            ],
            "x_adpType": "supplier"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Azure/AWS"
              ],
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.7",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.7, 12.1.4-h5",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.12",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h6",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h13",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h17",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.15",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h5",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h25",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h6",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h32",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h33",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.15, 11.1.13-h5, 11.1.10-h25, 11.1.7-h6, 11.1.6-h32, 11.1.4-h33",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h6",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h21",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h36",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h34",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "10.2.10-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.10-h36",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.7-h13",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.7-h13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eNo special configuration is required to be affected by this issue.\u003c/p\u003e"
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:cloud_ngfw:all:*:azure_aws:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7_12.1.4-h5",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.12_11.2.10-h6_11.2.7-h13_11.2.4-h17",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.15_11.1.13-h5_11.1.10-h25_11.1.7-h6_11.1.6-h32_11.1.4-h33",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h6_10.2.16-h7_10.2.13-h21_10.2.10-h36_10.2.7-h34",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h36",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "other",
              "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue."
            }
          ],
          "datePublic": "2026-05-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMultiple denial of service vulnerabilities in Palo Alto Networks PAN-OS\u00ae software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic. \u003cbr\u003e\u003cbr\u003ePanorama and Cloud NGFW are not impacted by these vulnerabilities.\u003c/p\u003e"
                }
              ],
              "value": "Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS\u00ae software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic. \n\nPanorama and Cloud NGFW are not impacted by these vulnerabilities."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of these issues.\u003c/p\u003e"
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-153",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-153 Input Data Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-754",
                  "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:49:43.620Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0262"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e Cloud NGFW\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.5 through 12.1.6\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.4-h5 or 12.1.7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.11 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h6 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h13 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h17 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.14 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h5 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h25 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e11.1.7 through 11.1.7-h*\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.7-h6 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h32 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h33 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h7 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h21 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h36 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h34 or 10.2.18-h6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 10.2\u003c/td\u003e\u003ctd\u003e\u003cspan\u003e10.2.0 through 10.2.10-h*\u003c/span\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003cspan\u003eUpgrade to 10.2.10-h36 or later.\u003c/span\u003e \u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 11.2\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.7-h*\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u0026nbsp;Upgrade to 11.2.7-h13 or later.\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e All older unsupported PAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e Upgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VERSION                                 MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW                                                           No action needed\nPAN-OS 12.1                             12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                                        12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\nPAN-OS 11.2                             11.2.11 or later             Upgrade to 11.2.12 or later.\n                                        11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\n                                        11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                                        11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1                             11.1.14 or later             Upgrade to 11.1.15 or later.\n                                        11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                                        11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                                        11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                                        11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                                        11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nPAN-OS 10.2                             10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\n                                        10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n                                        10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n                                        10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n                                        10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\nPrisma Access 10.2                      10.2.0 through 10.2.10-h*    Upgrade to 10.2.10-h36 or later.\nPrisma Access 11.2                      11.2.0 through 11.2.7-h*      Upgrade to 11.2.7-h13 or later.\nAll older unsupported PAN-OS versions                                Upgrade to a supported fixed version."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-05-13T16:00:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 510011, 510015, 510022 (HTTP traffic only), and 510023 (from Applications and Threats content version 9100-10044 and later).\u003c/p\u003e\u003cp\u003ePlease note that all of the above Threat IDs require SSL Decryption.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 510011, 510015, 510022 (HTTP traffic only), and 510023 (from Applications and Threats content version 9100-10044 and later).\n\nPlease note that all of the above Threat IDs require SSL Decryption."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0262",
        "datePublished": "2026-05-13T17:49:43.620Z",
        "dateReserved": "2025-11-03T20:44:22.910Z",
        "dateUpdated": "2026-06-09T09:02:46.762Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0261 (GCVE-0-2026-0261)

    Vulnerability from nvd – Published: 2026-05-13 17:59 – Updated: 2026-06-09 09:02
    VLAI
    Title
    PAN-OS: Authenticated Admin Command Injection Vulnerability
    Summary
    Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by these vulnerabilities.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.7, 12.1.4-h5 (custom)
    Affected: 11.2.0 , < 11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17 (custom)
    Affected: 11.1.0 , < 11.1.15, 11.1.13-h5, 11.1.10-h25, 11.1.7-h6, 11.1.6-h32, 11.1.4-h33 (custom)
    Affected: 10.2.0 , < 10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM APE1808 Affected: 0 , < * (custom)
    Create a notification for this product.
    Date Public
    2026-05-13 16:00
    Credits
    Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0261",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-14T03:56:33.433Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM APE1808",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T09:02:45.434Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-967325.html"
              }
            ],
            "x_adpType": "supplier"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.7",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.7, 12.1.4-h5",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.12",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h6",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h13",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h17",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.15",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h5",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h25",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h6",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h32",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h33",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.15, 11.1.13-h5, 11.1.10-h25, 11.1.7-h6, 11.1.6-h32, 11.1.4-h33",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h6",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h21",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h36",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h34",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eNo special configuration is required to be affected by this issue.\u003c/p\u003e"
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:cloud_ngfw:all:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7_12.1.4-h5",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.12_11.2.10-h6_11.2.7-h13_11.2.4-h17",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.15_11.1.13-h5_11.1.10-h25_11.1.7-h6_11.1.6-h32_11.1.4-h33",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h6_10.2.16-h7_10.2.13-h21_10.2.10-h36_10.2.7-h34",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:palo_alto_networks:prisma_access:all:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "other",
              "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue."
            }
          ],
          "datePublic": "2026-05-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMultiple command injection vulnerabilities in Palo Alto Networks PAN-OS\u00ae software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI.\u003c/p\u003e\u003cp\u003eThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended \u003ca href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003c/p\u003e\u003cp\u003eCloud NGFW and Prisma Access\u00ae are not impacted by these vulnerabilities.\u003c/p\u003e"
                }
              ],
              "value": "Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS\u00ae software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI.\n\n\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\n\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\n\n\nCloud NGFW and Prisma Access\u00ae are not impacted by these vulnerabilities."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of these issues.\u003c/p\u003e"
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:59:31.408Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0261"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.5 through 12.1.6\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.7 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h5 or 12.1.7 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.11 or later\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.12 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10-h6 or 11.2.12 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h13 or 11.2.12 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h17 or 11.2.12 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.14 or later\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.15 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.13-h5 or 11.1.15 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.10-h25 or 11.1.15 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.7-h6 or 11.1.15 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h32 or 11.1.15 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h33 or 11.1.15 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18-h6 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.16-h7 or 10.2.18-h6 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h21 or 10.2.18-h6 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h36 or 10.2.18-h6 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h34 or 10.2.18-h6 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VERSION           MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW                                     No action needed.\nPAN-OS 12.1       12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                  12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\nPAN-OS 11.2       11.2.11 or later             Upgrade to 11.2.12 or later.\n                  11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\n                  11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                  11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1       11.1.14 or later             Upgrade to 11.1.15 or later.\n                  11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                  11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                  11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                  11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                  11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nPAN-OS 10.2       10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\n                  10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n                  10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n                  10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n                  10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\nAll older                                      Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access                                  No action needed."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-05-13T16:00:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "PAN-OS: Authenticated Admin Command Injection Vulnerability",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e. Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003c/p\u003e\u003cp\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePalo Alto Networks LIVEcommunity article:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ehttps://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\u003c/a\u003e\u003c/li\u003e\u003cli\u003ePalo Alto Networks official and detailed technical documentation:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 510017, 510018 and 510024 and can detect attacks for this vulnerability by enabling Threat IDs 510021, 510025 and 510026 (from Applications and Threats content version 9100-10044 and later). For these Threat IDs to protect against attacks for this vulnerability:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\"\u003eRoute incoming traffic for the MGT port through a DP port\u003c/a\u003e, e.g., enabling management profile on a DP interface for management access.\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c\"\u003eReplace the Certificate for Inbound Traffic Management\u003c/a\u003e.\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2\"\u003eDecrypt inbound traffic to the management interface\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2\"\u003e so the firewall can inspect it\u003c/a\u003e.\u003c/li\u003e\u003cli\u003eEnable threat prevention on the inbound traffic to management services.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n * Palo Alto Networks LIVEcommunity article: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\n * Palo Alto Networks official and detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 510017, 510018 and 510024 and can detect attacks for this vulnerability by enabling Threat IDs 510021, 510025 and 510026 (from Applications and Threats content version 9100-10044 and later). For these Threat IDs to protect against attacks for this vulnerability:\n\n\n\n * Route incoming traffic for the MGT port through a DP port (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba), e.g., enabling management profile on a DP interface for management access.\n * Replace the Certificate for Inbound Traffic Management (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c).\n * Decrypt inbound traffic to the management interface (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2) so the firewall can inspect it (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2).\n * Enable threat prevention on the inbound traffic to management services."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0261",
        "datePublished": "2026-05-13T17:59:31.408Z",
        "dateReserved": "2025-11-03T20:44:22.040Z",
        "dateUpdated": "2026-06-09T09:02:45.434Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0279 (GCVE-0-2026-0279)

    Vulnerability from cvelistv5 – Published: 2026-07-09 19:08 – Updated: 2026-07-09 19:23
    VLAI
    Title
    PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities
    Summary
    Multiple cross site scripting vulnerabilities in the User-ID™ Authentication Portal (aka Captive Portal) service, GlobalProtect™ gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS® software enables a malicious unauthenticated user to store or execute malicious JavaScript payload. The security risk posed by this issue is minimized when the management interface and access to the User-ID™ Authentication Portal is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW is not affected by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 (custom)
    Affected: 10.2.0 (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0279",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:23:35.978278Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:23:42.200Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "affected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No special configuration is required to be affected by this issue."
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple cross site scripting vulnerabilities in the User-ID\u2122 Authentication Portal (aka Captive Portal) service, GlobalProtect\u2122 gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS\u00ae software enables a malicious unauthenticated user to store or execute malicious JavaScript payload.\u003cbr\u003e\u003cp\u003e\u003cspan\u003eThe security risk posed by this issue is minimized when the management interface and access to the User-ID\u2122 Authentication Portal is restricted to only trusted internal IP addresses according to our recommended\u003c/span\u003e \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003cspan\u003ebest practice deployment guidelines\u003c/span\u003e\u003c/a\u003e\u003cspan\u003e.\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003c/span\u003e\u003cb\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003cspan\u003eCloud NGFW is not affected by this vulnerability.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "Multiple cross site scripting vulnerabilities in the User-ID\u2122 Authentication Portal (aka Captive Portal) service, GlobalProtect\u2122 gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS\u00ae software enables a malicious unauthenticated user to store or execute malicious JavaScript payload.\n\n\nThe security risk posed by this issue is minimized when the management interface and access to the User-ID\u2122 Authentication Portal is restricted to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW is not affected by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 1.3,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 1.2,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 0.4,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk of exploitation is lower for Prisma Access as it requires an authenticated user and the external network access to the management interface is restricted."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T19:08:41.656Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0279"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.8\u0026nbsp; or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.12\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.15-h*\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16\u0026nbsp; or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16, 11.2.13, 12.1.8  or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;Prisma Access 12.1\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.7-h*\u003c/td\u003e\u003ctd\u003e\u0026nbsp;Upgrade to 12.1.8  or later.*\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 11.2\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.8 or later.*\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.8 or later.*\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e* See the note under Product Status for information regarding Prisma Access upgrades."
                }
              ],
              "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFW\nNo action needed.PAN-OS 12.112.1.2 through 12.1.7-h*Upgrade to 12.1.8\u00a0 or later.PAN-OS 11.211.2.0 through 11.2.12Upgrade to 11.2.13 or later.PAN-OS 11.111.1.0 through 11.1.15-h*\nUpgrade to 11.1.16\u00a0 or later.PAN-OS 10.210.2.0 through 10.2*Upgrade to 11.1.16, 11.2.13, 12.1.8  or later.All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.\u00a0Prisma Access 12.112.1.2 through 12.1.7-h*\u00a0Upgrade to 12.1.8  or later.*Prisma Access 11.211.2.0 through 11.2*Upgrade to 12.1.8 or later.*Prisma Access 10.210.2.0 through 10.2*Upgrade to 12.1.8 or later.*\n* See the note under Product Status for information regarding Prisma Access upgrades."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T20:30:00.000Z",
              "value": "Updated the Unaffected version for Prisma Access."
            },
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e.\u0026nbsp;Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003c/p\u003e\u003cp\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003c/p\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003c/a\u003e\u003cul\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003c/a\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ePalo Alto Networks LIVEcommunity article\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ePalo Alto Networks official and detailed technical documentation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\u00a0Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\n\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n  https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431   https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431   *    https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431  Palo Alto Networks LIVEcommunity article https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 \n  *   Palo Alto Networks official and detailed technical documentation https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices"
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0279",
        "datePublished": "2026-07-09T19:08:41.656Z",
        "dateReserved": "2025-11-03T20:44:38.280Z",
        "dateUpdated": "2026-07-09T19:23:42.200Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0280 (GCVE-0-2026-0280)

    Vulnerability from cvelistv5 – Published: 2026-07-09 19:05 – Updated: 2026-07-09 19:23
    VLAI
    Title
    PAN-OS: IPv6 Firewall Policy Bypass
    Summary
    An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-131 - Incorrect Calculation of Buffer Size
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Panorama Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks Prisma Access Affected: 11.2.0 , < 11.2.7-h18 (custom)
    Affected: 10.2.0 , < 10.2.10-h39 (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    Curious of TRAPA Security
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0280",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:23:50.545835Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:23:56.125Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h11",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Panorama",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.7-h18",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.10-h39",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This issue applies to PAN-OS firewalls with IPv6 enabled on one or more interfaces.\u003cbr\u003e\u003cbr\u003eYou can verify IPv6 is enabled by checking:\u003cbr\u003e\u2003Network -\u0026gt; Interfaces -\u0026gt; [Interface with Layer3 type] -\u0026gt; IPv6 \u0026gt; Enable IPv6 on the interface"
                }
              ],
              "value": "This issue applies to PAN-OS firewalls with IPv6 enabled on one or more interfaces.\n\nYou can verify IPv6 is enabled by checking:\n\u2003Network -\u003e Interfaces -\u003e [Interface with Layer3 type] -\u003e IPv6 \u003e Enable IPv6 on the interface"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h11",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Curious of TRAPA Security"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services.\u003cbr\u003e\u003cbr\u003eCloud NGFW and Panorama are not impacted by this vulnerability."
                }
              ],
              "value": "An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services.\n\nCloud NGFW and Panorama are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-153",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-153 Input Data Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 1.7,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/AU:Y/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-131",
                  "description": "CWE-131 Incorrect Calculation of Buffer Size",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T19:05:24.367Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0280"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.5 through 12.1.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.11 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.8 through 11.2.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10-h11 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.5 through 11.2.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.14 through 11.1.15\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.11 through 11.1.13\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.8 through 11.1.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.7 through 11.1.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.5 through 11.1.6\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.17 through 10.2.18\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.14 through 10.2.16\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.11 through 10.2.13\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.8 through 10.2.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 11.2\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.7\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h18 or later.*\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.10\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h39 or later.*\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e* See the note under Product Status for information regarding Prisma Access upgrades."
                }
              ],
              "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFW\nNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.11 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.8 through 11.2.10-h*\n                                Upgrade to 11.2.10-h11 or 11.2.13 or later.\n                            \n                                \n                                11.2.5 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.14 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.11 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.8 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.7 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.5 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.17 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \n                                \n                                10.2.14 through 10.2.16-h*\n                                Upgrade to 10.2.16-h9 or later.\n                            \n                                \n                                10.2.11 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n                            \n                                \n                                10.2.8 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n                            All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.Prisma Access 11.2\n11.2.0 through 11.2.7Upgrade to 11.2.7-h18 or later.*Prisma Access 10.210.2.0 through 10.2.10Upgrade to 10.2.10-h39 or later.*\n\n* See the note under Product Status for information regarding Prisma Access upgrades."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial Publication"
            }
          ],
          "title": "PAN-OS: IPv6 Firewall Policy Bypass",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe only way to completely address this vulnerability is to upgrade to a fixed version. However, if operationally feasible for your environment, risk can be mitigated by enabling the default \"Non SYN TCP Reject\" setting via the following command:\u2003\u003c/p\u003e\u2003set deviceconfig setting session tcp-reject-non-syn yes"
                }
              ],
              "value": "The only way to completely address this vulnerability is to upgrade to a fixed version. However, if operationally feasible for your environment, risk can be mitigated by enabling the default \"Non SYN TCP Reject\" setting via the following command:\u2003\n\n\u2003set deviceconfig setting session tcp-reject-non-syn yes"
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0280",
        "datePublished": "2026-07-09T19:05:24.367Z",
        "dateReserved": "2025-11-03T20:44:39.119Z",
        "dateUpdated": "2026-07-09T19:23:56.125Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0281 (GCVE-0-2026-0281)

    Vulnerability from cvelistv5 – Published: 2026-07-09 19:03 – Updated: 2026-07-09 19:24
    VLAI
    Title
    PAN-OS: Information Disclosure Vulnerability in Management Web Interface
    Summary
    An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker. The security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-524 - Use of Cache Containing Sensitive Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0281",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:24:10.424243Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:24:18.136Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No special configuration is required to be affected by this issue."
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An information disclosure vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker.\u003cbr\u003e\u003cbr\u003eThe security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e.\u003cbr\u003e\u003cbr\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003cbr\u003e\u003cbr\u003eCloud NGFW and Prisma\u00ae Access are not impacted by this vulnerability."
                }
              ],
              "value": "An information disclosure vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker.\n\nThe security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-141",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-141 Cache Poisoning"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 2.1,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 1.7,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-524",
                  "description": "CWE-524 Use of Cache Containing Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T19:03:44.381Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0281"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.12\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.15-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16, 11.2.13, 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VersionMinor Version RangeSuggested SolutionCloud NGFW\nNo action needed.PAN-OS 12.112.1.2 through 12.1.7-h*Upgrade to 12.1.8 or later.PAN-OS 11.211.2.0 through 11.2.12Upgrade to 11.2.13 or later.PAN-OS 11.111.1.0 through 11.1.15-h*Upgrade to 11.1.16 or later.PAN-OS 10.210.2.0 through 10.2*Upgrade to 11.1.16, 11.2.13, 12.1.8 or later.All older\nunsupported\nPAN-OS versions\nUpgrade to a supported fixed version.Prisma Access\nNo action needed."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "PAN-OS: Information Disclosure Vulnerability in Management Web Interface",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e. Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003cbr\u003e\u003cbr\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ePalo Alto Networks LIVEcommunity article\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ePalo Alto Networks official and detailed technical documentation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n * Palo Alto Networks LIVEcommunity article (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431)\n * Palo Alto Networks official and detailed technical documentation (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices)"
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0281",
        "datePublished": "2026-07-09T19:03:44.381Z",
        "dateReserved": "2025-11-03T20:44:40.071Z",
        "dateUpdated": "2026-07-09T19:24:18.136Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0282 (GCVE-0-2026-0282)

    Vulnerability from cvelistv5 – Published: 2026-07-09 19:02 – Updated: 2026-07-09 19:24
    VLAI
    Title
    PAN-OS: File Deletion Vulnerability in Management Web Interface
    Summary
    A file deletion vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory. The security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0282",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:24:34.179840Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:24:40.688Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No special configuration is required to be affected by this issue."
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A file deletion vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory.\u003cbr\u003e\u003cbr\u003eThe security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e.\u003cbr\u003e\u003cbr\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003cbr\u003e\u003cbr\u003eCloud NGFW and Prisma\u00ae Access are not impacted by this vulnerability."
                }
              ],
              "value": "A file deletion vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory.\n\nThe security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-165",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-165 File Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 1.2,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting management access to a jump box that is the only system allowed to access the management interface."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T19:02:26.722Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0282"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version Range\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW All\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.0 through 12.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.15-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16 or 11.2.13 or 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access All\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "Version\nMinor Version Range\nSuggested Solution\nCloud NGFW All\nNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.0 through 12.1.7-h*\n                                Upgrade to 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.0 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.0 through 11.1.15-h*\n                                Upgrade to 11.1.16 or later.\n                            PAN-OS 10.210.2.0 through 10.2*Upgrade to 11.1.16 or 11.2.13 or 12.1.8 or later.All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.Prisma Access All\nNo action needed."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: File Deletion Vulnerability in Management Web Interface",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e. Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003cbr\u003e\u003cbr\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ePalo Alto Networks LIVEcommunity article\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ePalo Alto Networks official and detailed technical documentation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:  *   Palo Alto Networks LIVEcommunity article https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 \n  *   Palo Alto Networks official and detailed technical documentation https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices"
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0282",
        "datePublished": "2026-07-09T19:02:26.722Z",
        "dateReserved": "2025-11-03T20:44:41.184Z",
        "dateUpdated": "2026-07-09T19:24:40.688Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0283 (GCVE-0-2026-0283)

    Vulnerability from cvelistv5 – Published: 2026-07-09 19:01 – Updated: 2026-07-09 19:25
    VLAI
    Title
    PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)
    Summary
    An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    Vaibhav Nagar (internal reporter) and our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0283",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:24:57.850143Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:25:07.889Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h12",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThis issue is applicable only to firewalls using Large Scale VPN (LSVPN) with configured satellites.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eTo check if your firewall has LSVPN satellites configured, run the following from the PAN-OS CLI:\u003cbr\u003e\u003c/p\u003eshow config running | match satellite\u003cp\u003eIf output is returned, LSVPN is in use.\u003c/p\u003e\u003cp\u003eYou can also verify in the web interface by navigating to\u0026nbsp;\u003cb\u003eNetwork\u003c/b\u003e\u003cb\u003e \u0026gt; \u003c/b\u003e\u003cb\u003eGlobalProtect\u003c/b\u003e\u003cb\u003e \u0026gt; \u003c/b\u003e\u003cb\u003ePortals\u003c/b\u003e, selecting each portal, and checking whether the Satellite tab contains any\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/administration/large-scale-vpn-lsvpn/configure-the-globalprotect-portal-for-lsvpn/define-the-satellite-configurations\"\u003econfigured satellites\u003c/a\u003e.\u003c/p\u003e"
                }
              ],
              "value": "This issue is applicable only to firewalls using Large Scale VPN (LSVPN) with configured satellites.\n\n\n\n\nTo check if your firewall has LSVPN satellites configured, run the following from the PAN-OS CLI:\n\n\nshow config running | match satellite\n\nIf output is returned, LSVPN is in use.\n\n\n\nYou can also verify in the web interface by navigating to\u00a0Network \u003e GlobalProtect \u003e Portals, selecting each portal, and checking whether the Satellite tab contains any\u00a0 configured satellites https://docs.paloaltonetworks.com/ngfw/administration/large-scale-vpn-lsvpn/configure-the-globalprotect-portal-for-lsvpn/define-the-satellite-configurations ."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h12",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Vaibhav Nagar (internal reporter)  and our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection.\u003cbr\u003e\u003cbr\u003ePanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
                }
              ],
              "value": "An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection.\n\nPanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 4.5,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:L/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T19:01:34.210Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0283"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW All\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.5 through 12.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.11 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10-h12 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.14 through 11.1.15\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access All\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFW All\nNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.11 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.8 through 11.2.10-h*\n                                Upgrade to 11.2.10-h12 or 11.2.13 or later.\n                            \n                                \n                                11.2.5 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.14 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.11 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.8 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.7 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.5 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.17 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \n                                \n                                10.2.14 through 10.2.16-h*\n                                Upgrade to 10.2.16-h9 or later.\n                            \n                                \n                                10.2.11 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n                            \n                                \n                                10.2.8 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n                            All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.Prisma Access All\nNo action needed."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eCustomers with a Threat Prevention subscription are provided with limited coverage against this vulnerability when enabling Threat ID 510032 (from Applications and Threats content version\u0026nbsp;9122-10145 and later).\u0026nbsp;\u003cbr\u003e\u003cbr\u003eTo ensure the Threat ID provides effective protection against this vulnerability, ensure that \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184\"\u003evulnerability protection security profile is applied to your GlobalProtect interface\u003c/a\u003e.\u003c/p\u003e"
                }
              ],
              "value": "Customers with a Threat Prevention subscription are provided with limited coverage against this vulnerability when enabling Threat ID 510032 (from Applications and Threats content version\u00a09122-10145 and later).\u00a0\n\nTo ensure the Threat ID provides effective protection against this vulnerability, ensure that  vulnerability protection security profile is applied to your GlobalProtect interface https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184 ."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7-h1",
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h7",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h10",
            "PAN-OS 11.2.10-h9",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h17",
            "PAN-OS 11.2.7-h16",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h18",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h8",
            "PAN-OS 11.1.13-h7",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h28",
            "PAN-OS 11.1.10-h27",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h34",
            "PAN-OS 11.1.6-h33",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h34",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h7",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h8",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h22",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h37",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h35",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0283",
        "datePublished": "2026-07-09T19:01:34.210Z",
        "dateReserved": "2025-11-03T20:44:41.929Z",
        "dateUpdated": "2026-07-09T19:25:07.889Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0284 (GCVE-0-2026-0284)

    Vulnerability from cvelistv5 – Published: 2026-07-09 18:59 – Updated: 2026-07-09 19:25
    VLAI
    Title
    PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN)
    Summary
    An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data. Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.4-h8 (custom)
    Affected: 11.2.0 , < 11.2.4-h20 (custom)
    Affected: 11.1.0 , < 11.1.4-h35 (custom)
    Affected: 10.2.0 , < 10.2.7-h36 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0284",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:25:21.473868Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:25:27.319Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.4-h8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h12",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.4-h20",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.4-h35",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.7-h36",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This issue is applicable only to firewalls using Large Scale VPN (LSVPN) with configured satellites.\u003cbr\u003e\u003cbr\u003eTo check if your firewall has LSVPN satellites configured, run the following from the PAN-OS CLI:\u003cbr\u003e\u003ccode\u003eshow config running | match satellite\u003c/code\u003e\u003cbr\u003e\u003cbr\u003eIf output is returned, LSVPN is in use.\u003cbr\u003e\u003cp\u003eYou can also verify in the web interface by navigating to \u003cb\u003eNetwork \u0026gt; GlobalProtect \u0026gt; Portals\u003c/b\u003e, selecting each portal, and checking whether the \u003cb\u003eSatellite\u003c/b\u003e tab contains any \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/administration/large-scale-vpn-lsvpn/configure-the-globalprotect-portal-for-lsvpn/define-the-satellite-configurations\"\u003econfigured satellites\u003c/a\u003e.\u003c/p\u003e"
                }
              ],
              "value": "This issue is applicable only to firewalls using Large Scale VPN (LSVPN) with configured satellites.\n\nTo check if your firewall has LSVPN satellites configured, run the following from the PAN-OS CLI:\nshow config running | match satellite\n\nIf output is returned, LSVPN is in use.\n\n\nYou can also verify in the web interface by navigating to Network \u003e GlobalProtect \u003e Portals, selecting each portal, and checking whether the Satellite tab contains any  configured satellites https://docs.paloaltonetworks.com/ngfw/administration/large-scale-vpn-lsvpn/configure-the-globalprotect-portal-for-lsvpn/define-the-satellite-configurations ."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h12",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data.\u003cbr\u003e\u003cbr\u003ePanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
                }
              ],
              "value": "An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data.\n\nPanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-250",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-250 XML Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:L/SA:L/E:U/AU:N/R:A/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T18:59:57.586Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0284"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.5 through 12.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.11 through 11.2.12\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h12 or 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.14 through 11.1.15\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VersionMinor Version RangeSuggested SolutionCloud NGFW\nNo action needed.PAN-OS 12.112.1.5 through 12.1.7-h*Upgrade to 12.1.7-h2 or 12.1.8 or later.\n12.1.2 through 12.1.4-h*Upgrade to 12.1.4-h8 or 12.1.8 or later.PAN-OS 11.211.2.11 through 11.2.12Upgrade to 11.2.13 or later.\n11.2.8 through 11.2.10-h*Upgrade to 11.2.10-h12 or 11.2.13 or later.\n11.2.5 through 11.2.7-h*Upgrade to 11.2.7-h18 or 11.2.13 or later.\n11.2.0 through 11.2.4-h*Upgrade to 11.2.4-h20 or 11.2.13 or later.PAN-OS 11.111.1.14 through 11.1.15Upgrade to 11.1.16 or later.\n11.1.11 through 11.1.13-h*Upgrade to 11.1.13-h9 or 11.1.16 or later.\n11.1.8 through 11.1.10-h*Upgrade to 11.1.10-h30 or 11.1.16 or later.\n11.1.7 through 11.1.7-h*Upgrade to 11.1.7-h8 or 11.1.16 or later.\n11.1.5 through 11.1.6-h*Upgrade to 11.1.6-h35 or 11.1.16 or later.\n11.1.0 through 11.1.4-h*Upgrade to 11.1.4-h35 or 11.1.16 or later.PAN-OS 10.210.2.17 through 10.2.18-h*Upgrade to 10.2.18-h8 or later.\n10.2.14 through 10.2.16-h*Upgrade to 10.2.16-h9 or later.\n10.2.11 through 10.2.13-h*Upgrade to 10.2.13-h23 or later.\n10.2.8 through 10.2.10-h*Upgrade to 10.2.10-h39 or later.\n10.2.0 through 10.2.7-h*Upgrade to 10.2.7-h36 or later.All other older\nunsupported\nPAN-OS versions\nUpgrade to a supported fixed version.Prisma Access\nNo action needed."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN)",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No known workarounds exist for this issue.\u003cbr\u003e\u003cbr\u003eCustomers with a Threat Prevention subscription are provided with limited coverage against this vulnerability by enabling Threat ID 510031 (from Applications and Threats content version\u0026nbsp;9122-10145 and later).\u003cbr\u003e\u003cp\u003eTo ensure the Threat ID provides effective protection against this vulnerability, ensure that \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184\"\u003evulnerability protection security profile is applied to your GlobalProtect interface\u003c/a\u003e.\u003c/p\u003e"
                }
              ],
              "value": "No known workarounds exist for this issue.\n\nCustomers with a Threat Prevention subscription are provided with limited coverage against this vulnerability by enabling Threat ID 510031 (from Applications and Threats content version\u00a09122-10145 and later).\n\n\nTo ensure the Threat ID provides effective protection against this vulnerability, ensure that  vulnerability protection security profile is applied to your GlobalProtect interface https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184 ."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_faq": [
            {
              "answer": "Limited coverage in Threat Prevention means that while known attack patterns can be identified using the current Threat ID, variations may exist that cannot currently be detected. If this CVE and Required Configuration for Exposure impact your environment, we recommend upgrading to an unaffected version.",
              "question": "Why do Threat Prevention signatures provide limited coverage?"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0284",
        "datePublished": "2026-07-09T18:59:57.586Z",
        "dateReserved": "2025-11-03T20:44:42.748Z",
        "dateUpdated": "2026-07-09T19:25:27.319Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0285 (GCVE-0-2026-0285)

    Vulnerability from cvelistv5 – Published: 2026-07-09 18:58 – Updated: 2026-07-09 19:25
    VLAI
    Title
    PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface
    Summary
    A server-side request forgery (SSRF) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services. The security risk posed by this issue is minimized when the management interface is restricted to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .  Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0285",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:25:38.612302Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:25:44.255Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h11",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003col\u003e\u003cli\u003eDirectly; or\u003c/li\u003e\u003cli\u003eThrough a dataplane interface that includes a management interface profile.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eYou reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "The risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:\n\n\n\n\n\n  *  Directly; or\n  *  Through a dataplane interface that includes a management interface profile.\n\n\n\n\n\n\nYou reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h11",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003cspan\u003eA server-side request forgery (SSRF) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eThe security risk posed by this issue is minimized when the management interface is restricted to only trusted internal IP addresses according to our recommended\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003cspan\u003ebest practice deployment guidelines\u003c/span\u003e\u003c/a\u003e\u003cspan\u003e.\u0026nbsp;\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003ePanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability.\u003c/span\u003e\u003c/p\u003e"
                }
              ],
              "value": "A server-side request forgery (SSRF) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services.\n\n\n\nThe security risk posed by this issue is minimized when the management interface is restricted to only trusted internal IP addresses according to our recommended\u00a0 best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\u00a0\n\nPanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-664",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-664 Server-Side Request Forgery"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T18:58:14.563Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0285"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.5 through 12.1.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.11 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.8 through 11.2.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10-h11 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.5 through 11.2.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.14 through 11.1.15\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.11 through 11.1.13\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.8 through 11.1.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.7 through 11.1.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.5 through 11.1.6\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.17 through 10.2.18\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.14 through 10.2.16\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.11 through 10.2.13\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.8 through 10.2.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u0026nbsp;\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFW\nNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.11 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.8 through 11.2.10-h*\n                                Upgrade to 11.2.10-h11 or 11.2.13 or later.\n                            \n                                \n                                11.2.5 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.14 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.11 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.8 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.7 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.5 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.17 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \n                                \n                                10.2.14 through 10.2.16-h*\n                                Upgrade to 10.2.16-h9 or later.\n                            \n                                \n                                10.2.11 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n                            \n                                \n                                10.2.8 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n                            All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.Prisma Access\u00a0\nNo action needed."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e. Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003c/p\u003e\u003cp\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003c/p\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003c/a\u003e\u003cul\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003c/a\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ePalo Alto Networks LIVEcommunity article\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ePalo Alto Networks official and detailed technical documentation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510030 (from Applications and Threats content version 9122-10145 and later). For these Threat IDs to protect against attacks for this vulnerability:\u003c/p\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\"\u003e\u003c/a\u003e\u003cul\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\"\u003e\u003c/a\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\"\u003eRoute incoming traffic for the MGT port through a DP port\u003c/a\u003e\u0026nbsp;e.g., enabling management profile on a DP interface for management access\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c\"\u003eReplace the Certificate for Inbound Traffic Management\u003c/a\u003e.\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2\"\u003eDecrypt inbound traffic to the management interface\u003c/a\u003e\u0026nbsp;so the firewall can inspect it.\u003c/li\u003e\u003cli\u003eEnable threat prevention on the inbound traffic to management services.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003ePlease note that this Threat ID requires SSL Decryption.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\n\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n  https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431   https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431   *    https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431  Palo Alto Networks LIVEcommunity article https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 \n  *   Palo Alto Networks official and detailed technical documentation https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices \n\n\n\n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510030 (from Applications and Threats content version 9122-10145 and later). For these Threat IDs to protect against attacks for this vulnerability:\n\n  https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba   https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba   *    https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba  Route incoming traffic for the MGT port through a DP port https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba \u00a0e.g., enabling management profile on a DP interface for management access\n  *   Replace the Certificate for Inbound Traffic Management https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c .\n  *   Decrypt inbound traffic to the management interface https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2 \u00a0so the firewall can inspect it.\n  *  Enable threat prevention on the inbound traffic to management services.\n\n\n\n\nPlease note that this Threat ID requires SSL Decryption."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0285",
        "datePublished": "2026-07-09T18:58:14.563Z",
        "dateReserved": "2025-11-03T20:44:43.620Z",
        "dateUpdated": "2026-07-09T19:25:44.255Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0286 (GCVE-0-2026-0286)

    Vulnerability from cvelistv5 – Published: 2026-07-09 18:56 – Updated: 2026-07-09 19:26
    VLAI
    Title
    PAN-OS: Authenticated Command Injection in CLI
    Summary
    A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.18-h8 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    Curious of TRAPA Security our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0286",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:25:55.330135Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:26:01.748Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h11",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.18-h8",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No special configuration is required to be affected by this issue."
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h11",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Curious of TRAPA Security"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA command injection vulnerability in the management plane of Palo Alto Networks PAN-OS\u00ae software enables an authenticated administrator to execute arbitrary OS commands as root.\u003c/p\u003e\u003cp\u003eThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.\u003c/p\u003e\u003cp\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003c/p\u003e\u003cp\u003eCloud NGFW and Prisma Access\u00ae  are not impacted by this vulnerability.\u003c/p\u003e"
                }
              ],
              "value": "A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS\u00ae software enables an authenticated administrator to execute arbitrary OS commands as root.\n\n\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.\n\n\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\n\n\nCloud NGFW and Prisma Access\u00ae  are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T18:56:29.289Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0286"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW All\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.5 through 12.1.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.11 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.8 through 11.2.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10-h11 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.5 through 11.2.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.14 through 11.1.15\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.11 through 11.1.13\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.8 through 11.1.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.7 through 11.1.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.5 through 11.1.6\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.17 through 10.2.18\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.14 through 10.2.16\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.11 through 10.2.13\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.8 through 10.2.10\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7\u003cb\u003e-\u003c/b\u003eh*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u0026nbsp;\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFW All\nNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.11 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.8 through 11.2.10-h*\n                                Upgrade to 11.2.10-h11 or 11.2.13 or later.\n                            \n                                \n                                11.2.5 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.14 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.11 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.8 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.7 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.5 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.17 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \n                                \n                                10.2.14 through 10.2.16-h*\n                                Upgrade to 10.2.16-h9 or later.\n                            \n                                \n                                10.2.11 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n                            \n                                \n                                10.2.8 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n                            All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.Prisma Access\u00a0\n\nNo action needed."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial Publication"
            }
          ],
          "title": "PAN-OS: Authenticated Command Injection in CLI",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eCustomers with a Threat Prevention subscription are provided with limited coverage against this vulnerability by enabling Threat ID 510036 (from Applications and Threats content version 9122-10145 and later). For these Threat IDs to protect against attacks for this vulnerability:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\"\u003eRoute incoming traffic for the MGT port through a DP port\u003c/a\u003e, e.g., enabling management profile on a DP interface for management access.\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c\"\u003eReplace the Certificate for Inbound Traffic Management\u003c/a\u003e.\u0026nbsp;\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2\"\u003eDecrypt inbound traffic to the management\u0026nbsp;interface\u0026nbsp;so the firewall can inspect it.\u003c/a\u003e\u003c/li\u003e\u003cli\u003eEnable threat prevention on the inbound traffic to management services.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003ePlease note that this Threat ID requires SSL Decryption.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "Customers with a Threat Prevention subscription are provided with limited coverage against this vulnerability by enabling Threat ID 510036 (from Applications and Threats content version 9122-10145 and later). For these Threat IDs to protect against attacks for this vulnerability:\n\n\n\n\n\n  *   Route incoming traffic for the MGT port through a DP port https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba , e.g., enabling management profile on a DP interface for management access.\n  *   Replace the Certificate for Inbound Traffic Management https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c .\u00a0\n  *   Decrypt inbound traffic to the management\u00a0interface\u00a0so the firewall can inspect it. https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2 \n  *  Enable threat prevention on the inbound traffic to management services.\n\n\n\n\n\n\n\n\nPlease note that this Threat ID requires SSL Decryption."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0286",
        "datePublished": "2026-07-09T18:56:29.289Z",
        "dateReserved": "2025-11-03T20:44:44.429Z",
        "dateUpdated": "2026-07-09T19:26:01.748Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0287 (GCVE-0-2026-0287)

    Vulnerability from cvelistv5 – Published: 2026-07-09 18:51 – Updated: 2026-07-09 19:26
    VLAI
    Title
    PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing
    Summary
    Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this condition result in the firewall entering maintenance mode. Panorama is not impacted by these vulnerabilities.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-754 - Improper Check for Unusual or Exceptional Conditions
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Affected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.4-h8 (custom)
    Affected: 11.2.0 , < 11.2.4-h20 (custom)
    Affected: 11.1.0 , < 11.1.4-h35 (custom)
    Affected: 10.2.0 , < 10.2.7-h36 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Affected: 11.2.0 , < 11.2.7-h18 (custom)
    Affected: 10.2.0 , < 10.2.10-h39 (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    our internal security research teams
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0287",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T19:26:14.381516Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T19:26:20.257Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "AWS",
                "Azure"
              ],
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.4-h8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h12",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.4-h20",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.4-h35",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.7-h36",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.7-h18",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.10-h39",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No special configuration is required to be affected by this issue."
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:cloud_ngfw:*:*:*:*:*:AWS:*:*",
                      "versionStartIncluding": "all",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:cloud_ngfw:*:*:*:*:*:Azure:*:*",
                      "versionStartIncluding": "all",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h12",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "our internal security research teams"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS\u00ae software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.\u003cbr\u003e\u003cbr\u003ePanorama is not impacted by these vulnerabilities."
                }
              ],
              "value": "Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS\u00ae software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.\n\nPanorama is not impacted by these vulnerabilities."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-153",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-153 Input Data Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk of exploitation is lower for Prisma Access as it requires an authenticated user and the external network access to the dataplane interface is restricted."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-754",
                  "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T18:51:42.539Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2026-PAN-323400",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0287"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eCustomers who prefer to upgrade can work with Palo Alto Networks support to schedule an on-demand software upgrade.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.5 through 12.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.11 through 11.2.12\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h12 or 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.14 through 11.1.15\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 11.2\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.7\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h18 or later.*\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.10\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h39 or later.*\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e* See the note under Product Status for information regarding Cloud NGFW and Prisma Access upgrades."
                }
              ],
              "value": "VersionMinor Version RangeSuggested SolutionCloud NGFW\nCustomers who prefer to upgrade can work with Palo Alto Networks support to schedule an on-demand software upgrade.PAN-OS 12.112.1.5 through 12.1.7-h*Upgrade to 12.1.7-h2 or 12.1.8 or later.\n12.1.2 through 12.1.4-h*Upgrade to 12.1.4-h8 or 12.1.8 or later.PAN-OS 11.211.2.11 through 11.2.12Upgrade to 11.2.13 or later.\n11.2.8 through 11.2.10-h*Upgrade to 11.2.10-h12 or 11.2.13 or later.\n11.2.5 through 11.2.7-h*Upgrade to 11.2.7-h18 or 11.2.13 or later.\n11.2.0 through 11.2.4-h*Upgrade to 11.2.4-h20 or 11.2.13 or later.PAN-OS 11.111.1.14 through 11.1.15Upgrade to 11.1.16 or later.\n11.1.11 through 11.1.13-h*Upgrade to 11.1.13-h9 or 11.1.16 or later.\n11.1.8 through 11.1.10-h*Upgrade to 11.1.10-h30 or 11.1.16 or later.\n11.1.7 through 11.1.7-h*Upgrade to 11.1.7-h8 or 11.1.16 or later.\n11.1.5 through 11.1.6-h*Upgrade to 11.1.6-h35 or 11.1.16 or later.\n11.1.0 through 11.1.4-h*Upgrade to 11.1.4-h35 or 11.1.16 or later.PAN-OS 10.210.2.17 through 10.2.18-h*Upgrade to 10.2.18-h8 or later.\n10.2.14 through 10.2.16-h*Upgrade to 10.2.16-h9 or later.\n10.2.11 through 10.2.13-h*Upgrade to 10.2.13-h23 or later.\n10.2.8 through 10.2.10-h*Upgrade to 10.2.10-h39 or later.\n10.2.0 through 10.2.7-h*Upgrade to 10.2.7-h36 or later.All other older\nunsupported\nPAN-OS versions\nUpgrade to a supported fixed version.Prisma Access 11.211.2.0 through 11.2.7Upgrade to 11.2.7-h18 or later.*Prisma Access 10.210.2.0 through 10.2.10Upgrade to 10.2.10-h39 or later.*\n* See the note under Product Status for information regarding Cloud NGFW and Prisma Access upgrades."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No known workarounds exist for this issue."
                }
              ],
              "value": "No known workarounds exist for this issue."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7-h1",
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h7",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h10",
            "PAN-OS 11.2.10-h9",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h17",
            "PAN-OS 11.2.7-h16",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h18",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h8",
            "PAN-OS 11.1.13-h7",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h28",
            "PAN-OS 11.1.10-h27",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h34",
            "PAN-OS 11.1.6-h33",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h34",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h7",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h8",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h22",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h37",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h35",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0287",
        "datePublished": "2026-07-09T18:51:42.539Z",
        "dateReserved": "2025-11-03T20:44:45.634Z",
        "dateUpdated": "2026-07-09T19:26:20.257Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0288 (GCVE-0-2026-0288)

    Vulnerability from cvelistv5 – Published: 2026-07-08 20:14 – Updated: 2026-07-09 18:48
    VLAI
    Title
    PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent
    Summary
    Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic. The security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only. . Panorama is not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
    Affected: 11.2.0 , < 11.2.13 (custom)
    Affected: 11.1.0 , < 11.1.16 (custom)
    Affected: 10.2.0 , < 10.2.7-h36 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Affected: 11.2.0 , < 11.2.7-h18 (custom)
    Affected: 10.2.0 , < 10.2.10-h39 (custom)
    Create a notification for this product.
    Date Public
    2026-07-08 16:00
    Credits
    Liang Zhu
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0288",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T03:55:51.922548Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:54:42.864Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "AWS",
                "Azure"
              ],
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.8",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7-h2",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h8",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.13",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h12",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h20",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.13",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h30",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h35",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.16",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h23",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h36",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.7-h36",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "11.2.7-h18",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.7-h18",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.10-h39",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.10-h39",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003cspan\u003eThis issue only affects PAN-OS devices with at least one Terminal Server Agent (TSA) entry configured\u003c/span\u003e\u003cb\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003cspan\u003eTo check if a PAN-OS device has a Terminal Server Agent configured, navigate to:\u003c/span\u003e\u003cb\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/help/12-1/user-identification/device-user-identification-terminal-services-agents\"\u003e\u003cspan\u003eDevice \u0026gt; User Identification \u0026gt; Terminal Server Agents\u003c/span\u003e\u003c/a\u003e\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "This issue only affects PAN-OS devices with at least one Terminal Server Agent (TSA) entry configured\n\nTo check if a PAN-OS device has a Terminal Server Agent configured, navigate to:\n\n Device \u003e User Identification \u003e Terminal Server Agents https://docs.paloaltonetworks.com/ngfw/help/12-1/user-identification/device-user-identification-terminal-services-agents"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.8",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7-h2",
                      "versionStartIncluding": "12.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h8",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.13",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h12",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h20",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.16",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h9",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h30",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h8",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h35",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h35",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h8",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h9",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h23",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h36",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h18",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h39",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Liang Zhu"
            }
          ],
          "datePublic": "2026-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMultiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic.\u003cb\u003e\u003cbr\u003e\u003cbr\u003e\u003c/b\u003eThe security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only.\"\u003e best practice deployment guidelines\u003c/a\u003e.\u003cb\u003e\u003cbr\u003e\u003cbr\u003e\u003c/b\u003e\u003cspan\u003ePanorama is not impacted by this vulnerability.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic.\n\nThe security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only. .\n\nPanorama is not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-100",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-100 Overflow Buffers"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:U/AU:N/R:U/V:D/RE:M/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you configure the User-ID Terminal Server Agent (TSA) IP and port access from the Internet or any untrusted network."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "ADJACENT",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting User-ID Terminal Server Agent (TSA) IP and port access to only trusted internal IP addresses and preventing its exposure to the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "ADJACENT",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk of exploitation is lower for Prisma Access as it requires an authenticated user and the external network access to the User-ID Terminal Server Agent (TSA) IP and port is restricted."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-09T18:48:32.880Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2026-PAN-323400",
              "url": "https://security.paloaltonetworks.com/"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.5 through 12.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10-h12 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.15\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.6-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.18-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003cbr\u003e\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003cbr\u003e\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003cbr\u003e\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePrisma Access 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.7\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or later.*\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePrisma Access 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.10\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.*\u003cbr\u003e\u003c/td\u003e\n                            \u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e* See the note under Product Status for information regarding Prisma Access upgrades."
                }
              ],
              "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFWNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.0 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.10-h*\n                                Upgrade to 11.2.10-h12 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.0 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.0 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \u00a010.2.0 through 10.2.16-h*Upgrade to 10.2.16-h9 or later.\n                                \n                                10.2.0 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n\n                            \n                                \n                                10.2.0 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n\n                            All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.\n                                Prisma Access 11.2\n\n                                11.2.0 through 11.2.7\n                                Upgrade to 11.2.7-h18 or later.*\n                            \n                                Prisma Access 10.2\n\n                                10.2.0 through 10.2.10\n                                Upgrade to 10.2.10-h39 or later.*\n\n                            \n* See the note under Product Status for information regarding Prisma Access upgrades."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-08T16:00:00.000Z",
              "value": "Initial publication"
            }
          ],
          "title": "PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you restrict your User-ID Terminal Server Agent connectivity to only trusted internal IP addresses according to our\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only.\"\u003ebest practice deployment guidelines\u003c/a\u003e\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you restrict your User-ID Terminal Server Agent connectivity to only trusted internal IP addresses according to our\u00a0 best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.7",
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.12",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.15",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0288",
        "datePublished": "2026-07-08T20:14:32.405Z",
        "dateReserved": "2025-11-03T20:44:46.432Z",
        "dateUpdated": "2026-07-09T18:48:32.880Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0273 (GCVE-0-2026-0273)

    Vulnerability from cvelistv5 – Published: 2026-06-10 21:01 – Updated: 2026-06-11 10:17
    VLAI
    Title
    PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI
    Summary
    A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not affected by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.4-h7 (custom)
    Affected: 11.2.0 , < 11.2.4-h18 (custom)
    Affected: 11.1.0 , < 11.1.4-h34 (custom)
    Affected: 10.2.0 , < 10.2.7-h35 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-06-10 16:00
    Credits
    Visa Inc. (external reporter), Rotem Bar (internal reporter), and Deep Product Security Research Team (internal reporter)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0273",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-11T03:55:36.838015Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-11T10:17:28.325Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.4-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.4-h7",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.4-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.12",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.4-h18",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.4-h34",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h33",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h27",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.15",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.4-h34",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.7-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h37",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h22",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.18-h7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.7-h35",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No special configuration is required to be affected by this issue."
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h7",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.7",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h18",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h16",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h9",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.12",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h34",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h33",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h7",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h27",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h7",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.15",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h35",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h37",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h22",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h8",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h7",
                      "versionStartIncluding": "10.2.18",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Visa Inc. (external reporter), Rotem Bar (internal reporter), and Deep Product Security Research Team (internal reporter)"
            }
          ],
          "datePublic": "2026-06-10T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A command injection vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI.\u003cbr\u003e\u003cbr\u003eThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e.\u003cbr\u003e\u003cbr\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003cbr\u003e\u003cbr\u003eCloud NGFW and Prisma\u00ae Access are not affected by this vulnerability."
                }
              ],
              "value": "A command injection vulnerability in Palo Alto Networks PAN-OS\u00ae software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI.\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW and Prisma\u00ae Access are not affected by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet. Our recommendation is to remediate as soon as possible."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T21:01:45.198Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0273"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.5 through 12.1.6\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.7 or later.\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e\u003cspan\u003e12.1.2 through 12.1.4-h*\u003c/span\u003e\u003c/td\u003e\u003ctd\u003e\u003cspan\u003eUpgrade to 12.1.4-h7 or 12.1.7 or later.\u003c/span\u003e\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cspan\u003ePAN-OS 11.2\u003c/span\u003e\u003c/td\u003e\u003ctd\u003e11.2.11 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.12 or later.\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h9 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h16 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h18 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cspan\u003ePAN-OS 11.1\u003c/span\u003e\u003c/td\u003e\u003ctd\u003e11.1.14 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.15 or later.\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h7 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h27 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.7-h7 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h33 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h34 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.17 or later\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h8 or 10.2.18-h7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h22 or 10.2.18-h7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h37 or 10.2.18-h7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h35 or 10.2.18-h7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VERSION           MINOR VERSION RANGE          SUGGESTED SOLUTION\nCloud NGFW                                     No action needed.\nPAN-OS 12.1       12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n\u00a0                 12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h7 or 12.1.7 or later.\nPAN-OS 11.2       11.2.11 or later             Upgrade to 11.2.12 or later.\n                  11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h9 or 11.2.12 or later.\n                  11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h16 or 11.2.12 or later.\n                  11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h18 or 11.2.12 or later.\nPAN-OS 11.1       11.1.14 or later             Upgrade to 11.1.15 or later.\n                  11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h7 or 11.1.15 or later.\n\u00a0                 11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h27 or 11.1.15 or later.\n                  11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h7 or 11.1.15 or later.\n                  11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h33 or 11.1.15 or later.\n                  11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h34 or 11.1.15 or later.\nPAN-OS 10.2       10.2.17 or later             Upgrade to 10.2.18-h7 or later.\n                  10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h8 or 10.2.18-h7 or later.\n                  10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h22 or 10.2.18-h7 or later.\n                  10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h37 or 10.2.18-h7 or later.\n                  10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h35 or 10.2.18-h7 or later.\nAll other older                                Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access                                  No action needed."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-10T16:00:00.000Z",
              "value": "Initial Publication"
            }
          ],
          "title": "PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003cspan\u003eThe vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not done so already, we strongly recommend that you secure access to your management interface according to our \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/critical-recommendations-for-deployment-guides-how-to-secure-the/ba-p/464431\"\u003e\u003cspan\u003ebest practice deployment guidelines\u003c/span\u003e\u003c/a\u003e\u003cspan\u003e. Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003c/span\u003e\u003cb\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003cspan\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003c/span\u003e\u003cb\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003cspan\u003ePalo Alto Networks LIVEcommunity article\u003c/span\u003e\u003c/a\u003e\u003cb\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/a\u003e\u003c/b\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003e\u003cspan\u003ePalo Alto Networks official and detailed technical documentation\u003c/span\u003e\u003c/a\u003e\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not done so already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/critical-recommendations-for-deployment-guides-how-to-secure-the/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\nPalo Alto Networks LIVEcommunity article (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431)\n\nhttps://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431Palo Alto Networks official and detailed technical documentation (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices)"
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.6",
            "PAN-OS 12.1.5",
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.11",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.14",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0273",
        "datePublished": "2026-06-10T21:01:45.198Z",
        "dateReserved": "2025-11-03T20:44:32.837Z",
        "dateUpdated": "2026-06-11T10:17:28.325Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0272 (GCVE-0-2026-0272)

    Vulnerability from cvelistv5 – Published: 2026-06-10 21:01 – Updated: 2026-06-11 10:17
    VLAI
    Title
    PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)
    Summary
    A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.4-h7 (custom)
    Affected: 11.2.0 , < 11.2.4-h18 (custom)
    Affected: 11.1.0 , < 11.1.4-h34 (custom)
    Affected: 10.2.0 , < 10.2.7-h35 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-06-10 16:00
    Credits
    Palo Alto Networks thanks an external reporter, Frigo, for discovering and reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0272",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-11T03:55:35.701340Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-11T10:17:40.792Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.4-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.4-h7",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.4-h18",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h16",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.10-h9",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.11",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.4-h18",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.4-h34",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h33",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.7-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h27",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.13-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.14",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.4-h34",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.7-h35",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h37",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h22",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h8",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.18-h5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.7-h35",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eNo special configuration is required to be affected by this issue.\u003c/p\u003e"
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h7",
                      "versionStartIncluding": "12.1.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h18",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h16",
                      "versionStartIncluding": "11.2.5",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10-h9",
                      "versionStartIncluding": "11.2.8",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.11",
                      "versionStartIncluding": "11.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h34",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h33",
                      "versionStartIncluding": "11.1.5",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.7-h7",
                      "versionStartIncluding": "11.1.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h27",
                      "versionStartIncluding": "11.1.8",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.13-h7",
                      "versionStartIncluding": "11.1.11",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.14",
                      "versionStartIncluding": "11.1.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h35",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h37",
                      "versionStartIncluding": "10.2.8",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h22",
                      "versionStartIncluding": "10.2.11",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h8",
                      "versionStartIncluding": "10.2.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18-h5",
                      "versionStartIncluding": "10.2.17",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "other",
              "value": "Palo Alto Networks thanks an external reporter, Frigo, for discovering and reporting this issue."
            }
          ],
          "datePublic": "2026-06-10T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA privilege escalation vulnerability in Palo Alto Networks PAN-OS\u00ae software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges.\u003c/p\u003e\u003cp\u003eThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003cbr\u003e\u003cbr\u003eCloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability.\u003c/p\u003e"
                }
              ],
              "value": "A privilege escalation vulnerability in Palo Alto Networks PAN-OS\u00ae software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges.\n\n\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\n\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862 Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T21:01:10.714Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0272"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version Range\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.4-h7 or 12.1.5 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h9 or 11.2.11 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h16 or 11.2.11 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h18 or 11.2.11 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h7 or 11.1.14 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h27 or 11.1.14 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h33 or 11.1.14 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h34 or 11.1.14 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.17 through 10.2.18-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.18-h5 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.14 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h8 or 10.2.18-h5 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h22 or 10.2.18-h5 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h37 or 10.2.18-h5 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h35 or 10.2.18-h5 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VERSION           MINOR VERSION RANGE          SUGGESTED SOLUTION\nCloud NGFW                                     No action needed.\nPAN-OS 12.1       12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h7 or 12.1.5 or later.\nPAN-OS 11.2       11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h9 or 11.2.11 or later.\n                  11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h16 or 11.2.11 or later.\n                  11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h18 or 11.2.11 or later.\nPAN-OS 11.1       11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h7 or 11.1.14 or later.\n                  11.1.7 through 11.1.10-h*    Upgrade to 11.1.10-h27 or 11.1.14 or later.\n                  11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h33 or 11.1.14 or later.\n                  11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h34 or 11.1.14 or later.\nPAN-OS 10.2       10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h5 or later.\n                  10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h8 or 10.2.18-h5 or later.\n                  10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h22 or 10.2.18-h5 or later.\n                  10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h37 or 10.2.18-h5 or later.\n                  10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h35 or 10.2.18-h5 or later.\nAll other older                                Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access                                  No action needed."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-10T16:00:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e. Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003c/p\u003e\u003cp\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ePalo Alto Networks LIVEcommunity article\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ePalo Alto Networks official and detailed technical documentation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n * Palo Alto Networks LIVEcommunity article (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431)\n * Palo Alto Networks official and detailed technical documentation (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices)"
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0272",
        "datePublished": "2026-06-10T21:01:10.714Z",
        "dateReserved": "2025-11-03T20:44:31.995Z",
        "dateUpdated": "2026-06-11T10:17:40.792Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0269 (GCVE-0-2026-0269)

    Vulnerability from cvelistv5 – Published: 2026-06-10 20:54 – Updated: 2026-06-11 13:55
    VLAI
    Title
    PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing
    Summary
    A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-754 - Improper Check for Unusual or Exceptional Conditions
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.5 (custom)
    Affected: 11.2.0 , < 11.2.10 (custom)
    Affected: 11.1.0 , < 11.1.6-h21 (custom)
    Affected: 10.2.0 , < 10.2.16-h6 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Panorama Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-06-10 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0269",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-11T13:55:39.388734Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-11T13:55:47.585Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.5",
                      "status": "unaffected"
                    },
                    {
                      "at": "12.1.4-h5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.5",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.10",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.7-h4",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.2.4-h17",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.10",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.12",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.10-h7",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.6-h21",
                      "status": "unaffected"
                    },
                    {
                      "at": "11.1.4-h33",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.6-h21",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "10.2.18",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.16-h6",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.13-h21",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.10-h36",
                      "status": "unaffected"
                    },
                    {
                      "at": "10.2.7-h34",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "10.2.16-h6",
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Panorama",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This vulnerability affects PAN-OS firewalls configured with one or more of the following:\u003cbr\u003e\u003cul\u003e\u003cli\u003eIPSec Tunnels\u003c/li\u003e\u003cli\u003eGlobalProtect Gateways (Remote Access)\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "This vulnerability affects PAN-OS firewalls configured with one or more of the following:\n\n * IPSec Tunnels\n * GlobalProtect Gateways (Remote Access)"
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.5",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.4-h5",
                      "versionStartIncluding": "12.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.10",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.7-h4",
                      "versionStartIncluding": "11.2.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.4-h17",
                      "versionStartIncluding": "11.2.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.12",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.10-h7",
                      "versionStartIncluding": "11.1.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.6-h21",
                      "versionStartIncluding": "11.1.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.4-h33",
                      "versionStartIncluding": "11.1.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.18",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.16-h6",
                      "versionStartIncluding": "10.2.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.13-h21",
                      "versionStartIncluding": "10.2.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.10-h36",
                      "versionStartIncluding": "10.2.10",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.2.7-h34",
                      "versionStartIncluding": "10.2.7",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "datePublic": "2026-06-10T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003cspan\u003eA memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS\u00ae software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003ePanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability.\u003c/span\u003e\u003c/p\u003e"
                }
              ],
              "value": "A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS\u00ae software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.\n\n\n\nPanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-153",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-153 Input Data Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-754",
                  "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T20:54:29.102Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0269"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h5 or 12.1.5 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.8 through 11.2.9\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h4 or 11.2.10 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h17 or 11.2.10 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.11 or later\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.12 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h7 or 11.1.12 or later.\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h21 or 11.1.12 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h33 or 11.1.12 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.17 or later\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.4 through 10.2.16-h*\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h6 or 10.2.18 or later.\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.11 through 10.2.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h21 or 10.2.18 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.8 through 10.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h36 or 10.2.18 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h34 or 10.2.18 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePanorama\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePrisma Access\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003eNo action needed.\u003c/td\u003e\n                            \u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VERSION           MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW                                     No action needed.\nPAN-OS 12.1       12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.5 or later.\nPAN-OS 11.2       11.2.8 through 11.2.9        Upgrade to 11.2.10 or later.\n                  11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h4 or 11.2.10 or later.\n                  11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.10 or later.\nPAN-OS 11.1       11.1.11 or later             Upgrade to 11.1.12 or later.\n\u00a0                 11.1.7 through 11.1.10-h*    Upgrade to 11.1.10-h7 or 11.1.12 or later.\n                  11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h21 or 11.1.12 or later.\n                  11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.12 or later.\nPAN-OS 10.2       10.2.17 or later             Upgrade to 10.2.18 or later.\n\u00a0                 10.2.4 through 10.2.16-h*    Upgrade to 10.2.16-h6 or 10.2.18 or later.\n                  10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18 or later.\n                  10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18 or later.\n                  10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18 or later.\nAll older         \u00a0                            Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPanorama          \u00a0                            No action needed.\nPrisma Access                                  No action needed."
            }
          ],
          "source": {
            "discovery": "USER"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-10T16:00:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No known workarounds exist for this issue."
                }
              ],
              "value": "No known workarounds exist for this issue."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0269",
        "datePublished": "2026-06-10T20:54:29.102Z",
        "dateReserved": "2025-11-03T20:44:29.323Z",
        "dateUpdated": "2026-06-11T13:55:47.585Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0266 (GCVE-0-2026-0266)

    Vulnerability from cvelistv5 – Published: 2026-06-10 20:30 – Updated: 2026-06-11 14:36
    VLAI
    Title
    PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
    Summary
    A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not affected by this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Palo Alto Networks Cloud NGFW Unaffected: All (custom)
    Create a notification for this product.
    Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.5 (custom)
    Affected: 11.2.0 , < 11.2.11 (custom)
    Affected: 11.1.0 , < 11.1.14 (custom)
    Affected: 10.2.0 (custom)
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Palo Alto Networks Prisma Access Unaffected: All (custom)
    Create a notification for this product.
    Date Public
    2026-06-10 16:00
    Credits
    Palo Alto Networks thanks Rajnish Gupta (internal reporter), James Otten (internal reporter), and Jasper Westerman of REQON B.V. for discovering and reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0266",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-11T14:34:49.983330Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-11T14:36:48.227Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cloud NGFW",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "PAN-OS",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "12.1.5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "12.1.5",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.2.11",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.2.11",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "11.1.14",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.1.14",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "10.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Prisma Access",
              "vendor": "Palo Alto Networks",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eNo special configuration is required to be affected by this issue.\u003c/p\u003e"
                }
              ],
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.5",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.2.11",
                      "versionStartIncluding": "11.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.1.14",
                      "versionStartIncluding": "11.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "10.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "other",
              "value": "Palo Alto Networks thanks Rajnish Gupta (internal reporter), James Otten (internal reporter), and Jasper Westerman of REQON B.V. for discovering and reporting this issue."
            }
          ],
          "datePublic": "2026-06-10T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS\u00ae software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. \u003cbr\u003e\u003cbr\u003eThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\u003cbr\u003e\u003cbr\u003eCloud NGFW and Prisma\u00ae Access are not affected by this vulnerability."
                }
              ],
              "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS\u00ae software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. \n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW and Prisma\u00ae Access are not affected by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592 Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 1.1,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 0.4,
                "baseSeverity": "LOW",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "DIFFUSE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "You can greatly reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses."
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T20:30:04.127Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2026-0266"
            }
          ],
          "solutions": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.5 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.10\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.11 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.13\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.14 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.18\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.14, 11.2.11, 12.1.5 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "VERSION           MINOR VERSION            SUGGESTED SOLUTION\nCloud NGFW                                 No action needed.\nPAN-OS 12.1       12.1.2 through 12.1.4    Upgrade to 12.1.5 or later.\nPAN-OS 11.2       11.2.0 through 11.2.10   Upgrade to 11.2.11 or later.\nPAN-OS 11.1       11.1.0 through 11.1.13   Upgrade to 11.1.14 or later.\nPAN-OS 10.2       10.2.0 through 10.2.18   Upgrade to 11.1.14, 11.2.11, 12.1.5 or later.\nAll older         \u00a0                        Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access                              No action needed."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-10T16:00:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface",
          "workarounds": [
            {
              "lang": "eng",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eNo known workarounds or mitigations exist for this issue.\u003c/p\u003e"
                }
              ],
              "value": "No known workarounds or mitigations exist for this issue."
            }
          ],
          "x_affectedList": [
            "PAN-OS 12.1.4-h6",
            "PAN-OS 12.1.4-h5",
            "PAN-OS 12.1.4-h3",
            "PAN-OS 12.1.4-h2",
            "PAN-OS 12.1.4",
            "PAN-OS 12.1.3-h3",
            "PAN-OS 12.1.3-h1",
            "PAN-OS 12.1.3",
            "PAN-OS 12.1.2",
            "PAN-OS 11.2.10-h8",
            "PAN-OS 11.2.10-h7",
            "PAN-OS 11.2.10-h6",
            "PAN-OS 11.2.10-h5",
            "PAN-OS 11.2.10-h4",
            "PAN-OS 11.2.10-h3",
            "PAN-OS 11.2.10-h2",
            "PAN-OS 11.2.10-h1",
            "PAN-OS 11.2.10",
            "PAN-OS 11.2.9",
            "PAN-OS 11.2.8",
            "PAN-OS 11.2.7-h15",
            "PAN-OS 11.2.7-h14",
            "PAN-OS 11.2.7-h13",
            "PAN-OS 11.2.7-h12",
            "PAN-OS 11.2.7-h11",
            "PAN-OS 11.2.7-h10",
            "PAN-OS 11.2.7-h8",
            "PAN-OS 11.2.7-h7",
            "PAN-OS 11.2.7-h4",
            "PAN-OS 11.2.7-h3",
            "PAN-OS 11.2.7-h2",
            "PAN-OS 11.2.7-h1",
            "PAN-OS 11.2.7",
            "PAN-OS 11.2.6",
            "PAN-OS 11.2.5",
            "PAN-OS 11.2.4-h17",
            "PAN-OS 11.2.4-h15",
            "PAN-OS 11.2.4-h14",
            "PAN-OS 11.2.4-h12",
            "PAN-OS 11.2.4-h11",
            "PAN-OS 11.2.4-h10",
            "PAN-OS 11.2.4-h9",
            "PAN-OS 11.2.4-h8",
            "PAN-OS 11.2.4-h7",
            "PAN-OS 11.2.4-h6",
            "PAN-OS 11.2.4-h5",
            "PAN-OS 11.2.4-h4",
            "PAN-OS 11.2.4-h3",
            "PAN-OS 11.2.4-h2",
            "PAN-OS 11.2.4-h1",
            "PAN-OS 11.2.4",
            "PAN-OS 11.2.3-h5",
            "PAN-OS 11.2.3-h4",
            "PAN-OS 11.2.3-h3",
            "PAN-OS 11.2.3-h2",
            "PAN-OS 11.2.3-h1",
            "PAN-OS 11.2.3",
            "PAN-OS 11.2.2-h2",
            "PAN-OS 11.2.2-h1",
            "PAN-OS 11.2.1-h1",
            "PAN-OS 11.2.1",
            "PAN-OS 11.2.0-h1",
            "PAN-OS 11.2.0",
            "PAN-OS 11.1.13-h6",
            "PAN-OS 11.1.13-h5",
            "PAN-OS 11.1.13-h3",
            "PAN-OS 11.1.13-h2",
            "PAN-OS 11.1.13-h1",
            "PAN-OS 11.1.13",
            "PAN-OS 11.1.12",
            "PAN-OS 11.1.11",
            "PAN-OS 11.1.10-h26",
            "PAN-OS 11.1.10-h25",
            "PAN-OS 11.1.10-h21",
            "PAN-OS 11.1.10-h12",
            "PAN-OS 11.1.10-h10",
            "PAN-OS 11.1.10-h9",
            "PAN-OS 11.1.10-h7",
            "PAN-OS 11.1.10-h5",
            "PAN-OS 11.1.10-h4",
            "PAN-OS 11.1.10-h1",
            "PAN-OS 11.1.10",
            "PAN-OS 11.1.9",
            "PAN-OS 11.1.8",
            "PAN-OS 11.1.6-h32",
            "PAN-OS 11.1.6-h29",
            "PAN-OS 11.1.6-h25",
            "PAN-OS 11.1.6-h23",
            "PAN-OS 11.1.6-h22",
            "PAN-OS 11.1.6-h21",
            "PAN-OS 11.1.6-h20",
            "PAN-OS 11.1.6-h19",
            "PAN-OS 11.1.6-h18",
            "PAN-OS 11.1.6-h17",
            "PAN-OS 11.1.6-h14",
            "PAN-OS 11.1.6-h10",
            "PAN-OS 11.1.6-h7",
            "PAN-OS 11.1.6-h6",
            "PAN-OS 11.1.6-h4",
            "PAN-OS 11.1.6-h3",
            "PAN-OS 11.1.6-h2",
            "PAN-OS 11.1.6-h1",
            "PAN-OS 11.1.6",
            "PAN-OS 11.1.5-h1",
            "PAN-OS 11.1.5",
            "PAN-OS 11.1.4-h33",
            "PAN-OS 11.1.4-h32",
            "PAN-OS 11.1.4-h27",
            "PAN-OS 11.1.4-h25",
            "PAN-OS 11.1.4-h18",
            "PAN-OS 11.1.4-h17",
            "PAN-OS 11.1.4-h15",
            "PAN-OS 11.1.4-h13",
            "PAN-OS 11.1.4-h12",
            "PAN-OS 11.1.4-h11",
            "PAN-OS 11.1.4-h10",
            "PAN-OS 11.1.4-h9",
            "PAN-OS 11.1.4-h8",
            "PAN-OS 11.1.4-h7",
            "PAN-OS 11.1.4-h6",
            "PAN-OS 11.1.4-h5",
            "PAN-OS 11.1.4-h4",
            "PAN-OS 11.1.4-h3",
            "PAN-OS 11.1.4-h2",
            "PAN-OS 11.1.4-h1",
            "PAN-OS 11.1.4",
            "PAN-OS 11.1.3-h13",
            "PAN-OS 11.1.3-h12",
            "PAN-OS 11.1.3-h11",
            "PAN-OS 11.1.3-h10",
            "PAN-OS 11.1.3-h9",
            "PAN-OS 11.1.3-h8",
            "PAN-OS 11.1.3-h7",
            "PAN-OS 11.1.3-h6",
            "PAN-OS 11.1.3-h5",
            "PAN-OS 11.1.3-h4",
            "PAN-OS 11.1.3-h3",
            "PAN-OS 11.1.3-h2",
            "PAN-OS 11.1.3-h1",
            "PAN-OS 11.1.3",
            "PAN-OS 11.1.2-h18",
            "PAN-OS 11.1.2-h17",
            "PAN-OS 11.1.2-h16",
            "PAN-OS 11.1.2-h15",
            "PAN-OS 11.1.2-h14",
            "PAN-OS 11.1.2-h13",
            "PAN-OS 11.1.2-h12",
            "PAN-OS 11.1.2-h11",
            "PAN-OS 11.1.2-h10",
            "PAN-OS 11.1.2-h9",
            "PAN-OS 11.1.2-h8",
            "PAN-OS 11.1.2-h7",
            "PAN-OS 11.1.2-h6",
            "PAN-OS 11.1.2-h5",
            "PAN-OS 11.1.2-h4",
            "PAN-OS 11.1.2-h3",
            "PAN-OS 11.1.2-h2",
            "PAN-OS 11.1.2-h1",
            "PAN-OS 11.1.2",
            "PAN-OS 11.1.1-h2",
            "PAN-OS 11.1.1-h1",
            "PAN-OS 11.1.1",
            "PAN-OS 11.1.0-h4",
            "PAN-OS 11.1.0-h3",
            "PAN-OS 11.1.0-h2",
            "PAN-OS 11.1.0-h1",
            "PAN-OS 11.1.0",
            "PAN-OS 10.2.18-h6",
            "PAN-OS 10.2.18-h5",
            "PAN-OS 10.2.18-h1",
            "PAN-OS 10.2.18",
            "PAN-OS 10.2.17",
            "PAN-OS 10.2.16-h7",
            "PAN-OS 10.2.16-h6",
            "PAN-OS 10.2.16-h4",
            "PAN-OS 10.2.16-h1",
            "PAN-OS 10.2.16",
            "PAN-OS 10.2.15",
            "PAN-OS 10.2.14-h1",
            "PAN-OS 10.2.14",
            "PAN-OS 10.2.13-h21",
            "PAN-OS 10.2.13-h18",
            "PAN-OS 10.2.13-h16",
            "PAN-OS 10.2.13-h15",
            "PAN-OS 10.2.13-h10",
            "PAN-OS 10.2.13-h7",
            "PAN-OS 10.2.13-h5",
            "PAN-OS 10.2.13-h4",
            "PAN-OS 10.2.13-h3",
            "PAN-OS 10.2.13-h2",
            "PAN-OS 10.2.13-h1",
            "PAN-OS 10.2.13",
            "PAN-OS 10.2.12-h6",
            "PAN-OS 10.2.12-h5",
            "PAN-OS 10.2.12-h4",
            "PAN-OS 10.2.12-h3",
            "PAN-OS 10.2.12-h2",
            "PAN-OS 10.2.12-h1",
            "PAN-OS 10.2.12",
            "PAN-OS 10.2.11-h13",
            "PAN-OS 10.2.11-h12",
            "PAN-OS 10.2.11-h11",
            "PAN-OS 10.2.11-h10",
            "PAN-OS 10.2.11-h9",
            "PAN-OS 10.2.11-h8",
            "PAN-OS 10.2.11-h7",
            "PAN-OS 10.2.11-h6",
            "PAN-OS 10.2.11-h5",
            "PAN-OS 10.2.11-h4",
            "PAN-OS 10.2.11-h3",
            "PAN-OS 10.2.11-h2",
            "PAN-OS 10.2.11-h1",
            "PAN-OS 10.2.11",
            "PAN-OS 10.2.10-h36",
            "PAN-OS 10.2.10-h31",
            "PAN-OS 10.2.10-h30",
            "PAN-OS 10.2.10-h27",
            "PAN-OS 10.2.10-h26",
            "PAN-OS 10.2.10-h23",
            "PAN-OS 10.2.10-h21",
            "PAN-OS 10.2.10-h18",
            "PAN-OS 10.2.10-h17",
            "PAN-OS 10.2.10-h14",
            "PAN-OS 10.2.10-h13",
            "PAN-OS 10.2.10-h12",
            "PAN-OS 10.2.10-h11",
            "PAN-OS 10.2.10-h10",
            "PAN-OS 10.2.10-h9",
            "PAN-OS 10.2.10-h8",
            "PAN-OS 10.2.10-h7",
            "PAN-OS 10.2.10-h6",
            "PAN-OS 10.2.10-h5",
            "PAN-OS 10.2.10-h4",
            "PAN-OS 10.2.10-h3",
            "PAN-OS 10.2.10-h2",
            "PAN-OS 10.2.10-h1",
            "PAN-OS 10.2.10",
            "PAN-OS 10.2.9-h21",
            "PAN-OS 10.2.9-h20",
            "PAN-OS 10.2.9-h19",
            "PAN-OS 10.2.9-h18",
            "PAN-OS 10.2.9-h17",
            "PAN-OS 10.2.9-h16",
            "PAN-OS 10.2.9-h15",
            "PAN-OS 10.2.9-h14",
            "PAN-OS 10.2.9-h13",
            "PAN-OS 10.2.9-h12",
            "PAN-OS 10.2.9-h11",
            "PAN-OS 10.2.9-h10",
            "PAN-OS 10.2.9-h9",
            "PAN-OS 10.2.9-h8",
            "PAN-OS 10.2.9-h7",
            "PAN-OS 10.2.9-h6",
            "PAN-OS 10.2.9-h5",
            "PAN-OS 10.2.9-h4",
            "PAN-OS 10.2.9-h3",
            "PAN-OS 10.2.9-h2",
            "PAN-OS 10.2.9-h1",
            "PAN-OS 10.2.9",
            "PAN-OS 10.2.8-h21",
            "PAN-OS 10.2.8-h20",
            "PAN-OS 10.2.8-h19",
            "PAN-OS 10.2.8-h18",
            "PAN-OS 10.2.8-h17",
            "PAN-OS 10.2.8-h16",
            "PAN-OS 10.2.8-h15",
            "PAN-OS 10.2.8-h14",
            "PAN-OS 10.2.8-h13",
            "PAN-OS 10.2.8-h12",
            "PAN-OS 10.2.8-h11",
            "PAN-OS 10.2.8-h10",
            "PAN-OS 10.2.8-h9",
            "PAN-OS 10.2.8-h8",
            "PAN-OS 10.2.8-h7",
            "PAN-OS 10.2.8-h6",
            "PAN-OS 10.2.8-h5",
            "PAN-OS 10.2.8-h4",
            "PAN-OS 10.2.8-h3",
            "PAN-OS 10.2.8-h2",
            "PAN-OS 10.2.8-h1",
            "PAN-OS 10.2.8",
            "PAN-OS 10.2.7-h34",
            "PAN-OS 10.2.7-h32",
            "PAN-OS 10.2.7-h24",
            "PAN-OS 10.2.7-h23",
            "PAN-OS 10.2.7-h22",
            "PAN-OS 10.2.7-h21",
            "PAN-OS 10.2.7-h20",
            "PAN-OS 10.2.7-h19",
            "PAN-OS 10.2.7-h18",
            "PAN-OS 10.2.7-h17",
            "PAN-OS 10.2.7-h16",
            "PAN-OS 10.2.7-h15",
            "PAN-OS 10.2.7-h14",
            "PAN-OS 10.2.7-h13",
            "PAN-OS 10.2.7-h12",
            "PAN-OS 10.2.7-h11",
            "PAN-OS 10.2.7-h10",
            "PAN-OS 10.2.7-h9",
            "PAN-OS 10.2.7-h8",
            "PAN-OS 10.2.7-h7",
            "PAN-OS 10.2.7-h6",
            "PAN-OS 10.2.7-h5",
            "PAN-OS 10.2.7-h4",
            "PAN-OS 10.2.7-h3",
            "PAN-OS 10.2.7-h2",
            "PAN-OS 10.2.7-h1",
            "PAN-OS 10.2.7",
            "PAN-OS 10.2.6-h6",
            "PAN-OS 10.2.6-h5",
            "PAN-OS 10.2.6-h4",
            "PAN-OS 10.2.6-h3",
            "PAN-OS 10.2.6-h2",
            "PAN-OS 10.2.6-h1",
            "PAN-OS 10.2.6",
            "PAN-OS 10.2.5-h9",
            "PAN-OS 10.2.5-h8",
            "PAN-OS 10.2.5-h7",
            "PAN-OS 10.2.5-h6",
            "PAN-OS 10.2.5-h5",
            "PAN-OS 10.2.5-h4",
            "PAN-OS 10.2.5-h3",
            "PAN-OS 10.2.5-h2",
            "PAN-OS 10.2.5-h1",
            "PAN-OS 10.2.5",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0"
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-0266",
        "datePublished": "2026-06-10T20:30:04.127Z",
        "dateReserved": "2025-11-03T20:44:26.433Z",
        "dateUpdated": "2026-06-11T14:36:48.227Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }