Stored Cross-Site Scripting Vulnerability in Palo Alto Networks PAN-OS Software
CVE-2026-0256

4.4 MEDIUM

Key Information:

Vendor
CVE Published: 13 May 2026

Badges

👾 Exploit Exists

What is CVE-2026-0256?

A stored cross-site scripting (XSS) vulnerability exists in the web interface of Palo Alto Networks PAN-OS software and can be exploited by an authenticated administrator. By storing a malicious JavaScript payload, the attacker can execute scripts that affect users or manipulate data. The issue affects PAN-OS running on PA-Series firewalls, VM-Series firewalls, and Panorama, posing a potential risk to network security. Cloud NGFW and Prisma Access are not vulnerable to this issue.

Affected Version(s)

PAN-OS 12.1.0 < 12.1.7

PAN-OS 11.2.0 < 11.2.12

PAN-OS 11.1.0 < 11.1.15

CVSS V4

Score: 4.4
Severity: MEDIUM
Confidentiality: Low
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.