CVE Catalog

CVE-2026-0269

MediumCVSS 4.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.02%

4th percentile — higher than 4% of all known CVEs

Summary

CVE-2026-0269 is a memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software. It allows an authenticated user to initiate system reboots using a maliciously crafted packet.

Risk Assessment

An attacker can exploit this vulnerability to disrupt the firewall's operation, leading to system downtime. Repeated attempts to initiate a reboot can cause the firewall to enter maintenance mode.

Recommendation

It is recommended to monitor and restrict system access to trusted users only, and to update the software to the latest version to minimize the risk of exploitation of this vulnerability.

Original NVD description (English source)

A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS