Server-Side Request Forgery Vulnerability in Palo Alto Networks PAN-OS Software
CVE-2026-0258

4.8MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Pan-os; Prisma Access
Vendor: CVE Published:; 13 May 2026

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-0258?

A server-side request forgery (SSRF) vulnerability exists in the IKEv2 implementation of Palo Alto Networks PAN-OS software. This flaw could allow an unauthenticated attacker to manipulate the firewall into sending requests to unintended destinations, thereby exposing the network to potential exploitation. Additionally, this vulnerability may lead to a denial of service (DoS) condition, adversely affecting network availability. It is important to note that related products such as Panorama, Cloud NGFW, and Prisma® Access are not impacted by this issue.

Affected Version(s)

PAN-OS 12.1.0 < 12.1.7, 12.1.4-h5

PAN-OS 11.2.0 < 11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17

PAN-OS 11.1.0 < 11.1.15, 11.1.13-h5, 11.1.10-h25, 11.1.7-h6, 11.1.6-h32, 11.1.4-h33

References

https://security.paloaltonetworks.com/CVE-2026-0258

vendor-advisory

CVSS V4

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
May 13, 2026
Vulnerability published
May 13, 2026
Vulnerability Reserved
Nov 3, 2025

Credit

Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.

CVE-2026-0258 Data

JSON