Buffer Overflow Vulnerability in Palo Alto Networks PAN-OS DNS Features
CVE-2026-0264

6.6MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Pan-os; Prisma Access
Vendor: CVE Published:; 13 May 2026

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-0264?

A vulnerability exists in the DNS proxy and DNS Server functionalities of Palo Alto Networks PAN-OS® Software, which allows unauthorized attackers with network access to disrupt service or potentially execute arbitrary code by sending specially crafted network traffic. This affects all PAN-OS platforms, except for Cloud NGFW and Prisma Access, alongside PA-Series hardware. Proper updates and patches are advised for safeguarding against potential threats.

Affected Version(s)

PAN-OS 12.1.0 < 12.1.7, 12.1.4-h5

PAN-OS 11.2.0 < 11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17

PAN-OS 11.1.0 < 11.1.15, 11.1.13-h5, 11.1.10-h25, 11.1.7-h6, 11.1.6-h32, 11.1.4-h33

References

https://security.paloaltonetworks.com/CVE-2026-0264

vendor-advisory

CVSS V4

Score:

6.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
May 13, 2026
Vulnerability published
May 13, 2026
Vulnerability Reserved
Nov 3, 2025

Credit

Palo Alto Networks thanks an external reporter and our internal security research teams for discovering and reporting this issue.

CVE-2026-0264 Data

JSON