Home
LOW: 1.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/AU:Y/V:D/RE:M/U:AmberDefault status
unaffected
All (custom)
unaffected
Default status
unaffected
12.1.0 (custom) before 12.1.8
affected
11.2.0 (custom) before 11.2.13
affected
11.1.0 (custom) before 11.1.16
affected
10.2.0 (custom) before 10.2.18-h8
affected
Default status
unaffected
All (custom)
unaffected
Default status
unaffected
11.2.0 (custom) before 11.2.7-h18
affected
10.2.0 (custom) before 10.2.10-h39
affected
Description
An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted by this vulnerability.
Problem types
CWE-131 Incorrect Calculation of Buffer Size
Product status
All (custom)
12.1.0 (custom) before 12.1.8
11.2.0 (custom) before 11.2.13
11.1.0 (custom) before 11.1.16
10.2.0 (custom) before 10.2.18-h8
All (custom)
11.2.0 (custom) before 11.2.7-h18
10.2.0 (custom) before 10.2.10-h39
Timeline
| 2026-07-08: | Initial Publication |
Credits
Curious of TRAPA Security
References
security.paloaltonetworks.com/CVE-2026-0280