Palo Alto Networks Security Advisories

Clear
version
severity
product
Clear
1 - 25 of 155
VersionsAffectedUnaffected
7.2CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled
Cloud NGFW
PAN-OS 12.1
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
Prisma Access
None
< 12.1.4-h5, < 12.1.7
< 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12
< 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15
< 10.2.7-h34, < 10.2.10-h36, < 10.2.13-h21, < 10.2.16-h7, < 10.2.18-h6
None
All
>= 12.1.4-h5, >= 12.1.7 (ETA: 05/28)
>= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h13, >= 11.2.10-h6, >= 11.2.12 (ETA: 05/28)
>= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
>= 10.2.7-h34, >= 10.2.10-h36, >= 10.2.13-h21, >= 10.2.16-h7, >= 10.2.18-h6
All
2026-05-132026-05-20
7.2CVE-2026-0264 PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution
Cloud NGFW
PAN-OS 12.1
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
Prisma Access
None on AWS, None on Azure
< 12.1.4-h5, < 12.1.7
< 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12
< 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15
< 10.2.7-h34, < 10.2.10-h36, < 10.2.13-h21, < 10.2.16-h7, < 10.2.18-h6
None
All on AWS, All on Azure unless you have been contacted by Palo Alto Networks
>= 12.1.4-h5, >= 12.1.7 (ETA: 05/28)
>= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h13, >= 11.2.10-h6, >= 11.2.12 (ETA: 05/28)
>= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
>= 10.2.7-h34, >= 10.2.10-h36, >= 10.2.13-h21, >= 10.2.16-h7, >= 10.2.18-h6
All
2026-05-132026-05-20
7.2CVE-2026-0263 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing
Cloud NGFW
PAN-OS 12.1
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
Prisma Access
None
< 12.1.4-h5, < 12.1.7
< 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12
< 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15
None
None
All
>= 12.1.4-h5, >= 12.1.7 (ETA: 05/28)
>= 11.2.4-h17 (ETA: 05/28), >= 11.2.7-h13, >= 11.2.10-h6, >= 11.2.12 (ETA: 05/28)
>= 11.1.4-h33, >= 11.1.6-h32, >= 11.1.7-h6 (ETA: 05/28), >= 11.1.10-h25, >= 11.1.13-h5, >= 11.1.15 (ETA: 05/28)
All
All
2026-05-132026-05-13
7.2CVE-2026-0234 Cortex XSOAR: Improper Verification of Cryptographic Signature in Microsoft Teams integration
Cortex XSIAM Microsoft Teams Marketplace 1.5.0
Cortex XSOAR Microsoft Teams Marketplace 1.5.0
< 1.5.52
< 1.5.52
>= 1.5.52
>= 1.5.52
2026-04-082026-04-08
1 - 25 of 155 Download
Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2026 Palo Alto Networks, Inc. All rights reserved.