PALO ALTO: 📅 Published on May 28, 2026

PALO ALTO Security Advisory

Published Date: May 28, 2026

CVE: CVE-2026-0264

Advisory Summary

▶️ Critical Security Alert: Heap-Based Buffer Overflow in PAN-OS DNS Components

Palo Alto Networks has disclosed a high-severity vulnerability, identified as CVE-2026-0264, affecting PAN-OS. The flaw is a heap-based buffer overflow located in the DNS proxy and DNS server modules. This vulnerability enables unauthenticated remote attackers to execute arbitrary code on the affected devices, posing a significant threat to network security and operational integrity.

Affected organizations relying on PAN-OS for firewall and security operations should prioritize patch deployment. Exploitation could lead to full system compromise and unauthorized control over critical security infrastructure. This risk underscores the importance of timely updates and continuous monitoring of security advisories related to DNS services within security appliances.

• Immediately assess your environment for PAN-OS versions impacted by this vulnerability.
• Apply the official patches provided by Palo Alto Networks without delay.
• Implement additional network protections and monitoring to detect potential exploitation attempts.

Maintaining up-to-date firmware and rigorous security hygiene is essential to defend against sophisticated DNS-based attacks targeting core network defense mechanisms.

Reference: Vendor Advisory