Main Vulnerability Database Exploits ID:12741 - Exploit for Improper Verification of Cryptographic Signature in Palo Alto PAN-OS - CVE-2026-0265

ID:12741 - Exploit for Improper Verification of Cryptographic Signature in Palo Alto PAN-OS - CVE-2026-0265

Published: May 22, 2026

Vulnerability identifier: #VU131771

Vulnerability risk: High

CVE-ID: CVE-2026-0265

CWE-ID: CWE-347

Exploitation vector: Remote access

Vulnerable software:
Palo Alto PAN-OS

Link to public exploit:

https://github.com/tstephens1080/palo-alto-cve-2026-0265-checker

Vulnerability description

The vulnerability allows a remote attacker to bypass authentication controls.

The vulnerability exists due to improper verification of cryptographic signature in the Cloud Authentication Service (CAS) authentication mechanism when handling authentication requests on a login interface with CAS enabled. A remote attacker can send a crafted authentication request to bypass authentication controls.

The risk is higher when CAS is enabled on the management interface.

Remediation

Install security update from vendor's website.

ID:12741 - Exploit for Improper Verification of Cryptographic Signature in Palo Alto PAN-OS - CVE-2026-0265

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human