Zero Day MonitorZDM

← Back to list

7.5

CVE-2026-0263PATCHED

Palo Alto Networks · Cloud NGFW

PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing

Description

A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service (DoS) condition. Panorama, Cloud NGFW, and Prisma® Access are not impacted by these vulnerabilities.

Affected Products

Vendor	Product	Versions
Palo Alto Networks	Cloud NGFW	12.1.0, 11.2.0, 11.1.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
palo alto networks	pan-os	mitre_affected	90%
palo alto networks	prisma access	mitre_affected	90%

References

https://security.paloaltonetworks.com/CVE-2026-0263(vendor-advisory)

Related News (4 articles)

Tier B

BSI Advisories20d ago

[NEU] [hoch] Palo Alto Networks PAN-OS: Mehrere Schwachstellen

→ No new info (linked only)

Tier B

CERT-FR20d ago

Multiples vulnérabilités dans les produits Palo Alto Networks (15 mai 2026)

→ No new info (linked only)

Tier C

VulDB21d ago

CVE-2026-0263 | Palo Alto Cloud NGFW/PAN-OS/Prisma Access IKEv2 out-of-bounds write

→ No new info (linked only)

Tier B

CCCS Canada22d ago

Palo Alto Networks security advisory (AV26-462)

→ No new info (linked only)

CVSS 3.17.5 NONE

CISA KEV❌ No

Actively exploited❌ No

Patch available

All12.1.712.1.4-h511.2.1211.2.10-h611.2.7-h1311.2.4-h1711.1.1511.1.13-h511.1.10-h2511.1.7-h611.1.6-h3211.1.4-h3310.2.0

CWECWE-787

PublishedMay 13, 2026

Last enriched22d agov2

Trending Score5

Source articles4

Independent4

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-0257EXP

PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities

NONECVE-2026-0300EXP

PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal

NONECVE-2026-0264

PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution

NONECVE-2026-0265

PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled

HIGHCVE-2026-0250EXP

GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway

Pin to Dashboard

Verification

State: verified

Confidence: 0%

Vulnerability Timeline

CVE Published

May 13, 2026

Discovered by ZDM

May 13, 2026

Updated: affectedVersions, cvssEstimate

May 13, 2026

Patch Available

May 14, 2026

Version History

v2

Last enriched 22d ago

v2Tier B22d ago

Updated affected versions, severity to HIGH, CVSS estimate to 7.5, and marked the vulnerability as actively exploited with an exploit available.

affectedVersionscvssEstimate

via CCCS Canada

v122d ago

Initial creation