Product

VM-Series Firewalls

2 briefs RSS

CVE-2026-0265 PAN-OS Authentication Bypass with Cloud Authentication Service (CAS)

CVE-2026-0265 is an authentication bypass vulnerability in Palo Alto Networks PAN-OS when Cloud Authentication Service (CAS) is enabled, allowing an unauthenticated attacker with network access to bypass authentication controls, impacting confidentiality, integrity, and availability.

PAN-OS +3 authentication-bypass cve-2026-0265 network

2r 1t May 13, 2026

critical advisory

PAN-OS Authentication Portal Remote Code Execution Vulnerability

2 rules 1 TTP

An unauthenticated remote code execution vulnerability exists in the PAN-OS Authentication Portal (Captive Portal) service, potentially allowing attackers to execute arbitrary code with root privileges on PA-Series and VM-Series firewalls by sending crafted network packets.

PAN-OS +2 vulnerability rce network

2r 1t May 7, 2026