PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing
CVE-2026-0269

4.6MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Pan-os; Panorama; Prisma Access
Vendor: CVE Published:; 10 June 2026

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-0269?

A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.

Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.

Affected Version(s)

PAN-OS 12.1.0 < 12.1.5

PAN-OS 11.2.0 < 11.2.10

PAN-OS 11.1.0 < 11.1.6-h21

References

https://security.paloaltonetworks.com/CVE-2026-0269

vendor-advisory

CVSS V4

Score:

4.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Jun 10, 2026
Vulnerability published
Jun 10, 2026
Vulnerability Reserved
Nov 3, 2025

CVE-2026-0269 Data

JSON