PALO ALTO NETWORKS Security Advisory
Published Date: May 14, 2026
CVE: CVE-2026-0258
Advisory Summary
Palo Alto Networks has disclosed a Medium severity Server-Side Request Forgery (SSRF) vulnerability identified as CVE-2026-0258 affecting PAN-OS. This issue occurs during the IKEv2 Certificate URL fetching process, which could allow a remote attacker to induce the affected device to make unintended requests. Exploiting this vulnerability may lead to unauthorized internal network scans or access attempts, potentially exposing sensitive infrastructure components.
⚠️ Impact: This SSRF vulnerability primarily threatens the integrity of network perimeter defenses and could facilitate lateral movement or reconnaissance within internal environments.
✔️ Recommended Action: Organizations running PAN-OS are advised to review the official security advisory and apply the latest patches or mitigations published by Palo Alto Networks without delay. Ensuring proper network segmentation and monitoring for unusual outbound requests can also reduce risk exposure.
For IT infrastructure managers and security professionals, prompt attention to this vulnerability will help maintain the resilience of critical firewall and VPN gateway deployments leveraging IKEv2.
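One way to carry out the outbound-request monitoring recommended above, as an added example that is not part of the vendor advisory or any Palo Alto Networks code: it reviews egress flow records and flags connections originated by the IKEv2 gateway that go anywhere other than the hosts expected to serve peer certificates. The gateway address, the certificate host allowlist, the internal ranges and the log layout are all assumptions, and the log lines are constructed.

```python
import ipaddress

# All addresses below are assumptions for illustration, not values from the advisory.
GATEWAY_IPS = {ipaddress.ip_address("192.0.2.10")}    # gateway's egress address
CERT_HOSTS = {ipaddress.ip_address("198.51.100.20")}  # hosts expected to serve peer certificates
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                  # loopback, link-local
)]

# Constructed egress records: timestamp, source, destination, destination port.
SAMPLE_LOG = """\
2026-05-15T10:00:01Z 192.0.2.10 198.51.100.20 80
2026-05-15T10:00:07Z 192.0.2.10 10.1.4.7 8080
2026-05-15T10:00:09Z 192.0.2.10 169.254.169.254 80
2026-05-15T10:00:12Z 10.1.9.3 10.1.4.7 8080
2026-05-15T10:00:15Z 192.0.2.10 203.0.113.77 80
2026-05-15T10:00:16Z malformed line
"""

def classify(dst):
    """Return None for an expected certificate fetch, otherwise a reason string."""
    if dst in CERT_HOSTS:
        return None
    if any(dst in net for net in INTERNAL_NETS):
        return "internal-destination"
    return "unlisted-destination"

def review(log_text):
    """Return (findings, skipped) for connections originated by the gateway."""
    findings, skipped = [], 0
    for line in log_text.splitlines():
        try:
            ts, src, dst, port = line.split()
            src, dst, port = ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port)
        except ValueError:
            skipped += 1  # count unparsable lines instead of dropping them silently
            continue
        if src not in GATEWAY_IPS:
            continue  # traffic from other hosts is out of scope for this check
        reason = classify(dst)
        if reason:
            findings.append((ts, str(dst), port, reason))
    return findings, skipped

if __name__ == "__main__":
    for item in review(SAMPLE_LOG)[0]:
        print(*item)
```

An allowlisted certificate host passes even when it sits on an internal range, so an internal PKI server can be listed in `CERT_HOSTS` without producing findings.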
🔗 Reference: Vendor Advisory