PALO ALTO: Reference: CVE-2026-0264 PAN-OS Security Advisory

PALO ALTO Security Advisory

Published Date: May 28, 2026

CVE: CVE-2026-0264

Advisory Summary

❗❗ HIGH SEVERITY SECURITY ALERT ❗❗
A critical heap-based buffer overflow vulnerability (CVE-2026-0264) has been discovered in PAN-OS affecting the DNS Proxy and DNS Server components. This flaw allows unauthenticated remote attackers to execute arbitrary code, posing a significant risk of full system compromise on vulnerable Palo Alto Networks firewalls.

• Remote code execution without authentication
• Potential full device takeover
• Threat to network perimeter security integrity

• Immediate review of the Palo Alto Networks security advisory
• Prioritize patching or updating to the fixed PAN-OS version
• Monitor firewall DNS services for unusual activity

This vulnerability demands swift attention from IT security teams managing Palo Alto infrastructure to maintain robust perimeter defenses and prevent exploitation by threat actors.

Reference: Vendor Advisory