PALO ALTO Security Advisory
Published Date: May 14, 2026
CVE: CVE-2026-0264
Advisory Summary
❗️ Critical Security Alert: PAN-OS Heap-Based Buffer Overflow Vulnerability
Palo Alto Networks has disclosed a high severity vulnerability identified as CVE-2026-0264 in their PAN-OS platform. This vulnerability involves a heap-based buffer overflow within the DNS Proxy and DNS Server components. Critically, it allows unauthenticated remote attackers to execute arbitrary code on affected devices, posing a significant risk to network security.
This flaw could lead to full compromise of the firewall or security appliance, enabling attackers to bypass protections and potentially disrupt or control network traffic. Organizations running PAN-OS are strongly advised to prioritize deploying the available security patches immediately to mitigate this risk.
- Vulnerability affects DNS proxy/server services in PAN-OS.
- Exploitable remotely without authentication.
- High severity with potential for remote code execution.
- Immediate patching recommended to prevent exploitation.
- Review firewall logs and monitor for unusual DNS traffic as a precaution.
This issue underscores the importance of continuous vulnerability management in network infrastructure devices to maintain secure operations.
Reference: Vendor Advisory