Main Vulnerability Database SB2026061641

SB2026061641 - Denial of service in Palo Alto PAN-OS

Published: June 16, 2026

Security Bulletin ID SB2026061641

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Improper Check for Unusual or Exceptional Conditions (CVE-ID: CVE-2026-0269)

CWE-ID: CWE-754 - Improper Check for Unusual or Exceptional Conditions

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote user to cause a denial of service.

The vulnerability exists due to memory corruption in tunnel traffic processing when handling maliciously crafted tunnel packets. A remote user can send a maliciously crafted packet to cause a denial of service.

Repeated exploitation attempts can cause the firewall to enter maintenance mode. The issue affects firewalls configured with IPSec tunnels or GlobalProtect gateways for remote access.

Remediation

Install update from vendor's website.

References

https://security.paloaltonetworks.com/CVE-2026-0269