Improper Check for Unusual or Exceptional Conditions in Palo Alto PAN-OS - CVE-2026-0269
Published: June 16, 2026
Vulnerability identifier: #VU134593
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-0269
CWE-ID: CWE-754
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Palo Alto Networks, Inc.
Affected software:
Palo Alto PAN-OS
Palo Alto PAN-OS
Detailed vulnerability description
The vulnerability allows a remote user to cause a denial of service.
The vulnerability exists due to memory corruption in tunnel traffic processing when handling maliciously crafted tunnel packets. A remote user can send a maliciously crafted packet to cause a denial of service.
Repeated exploitation attempts can cause the firewall to enter maintenance mode. The issue affects firewalls configured with IPSec tunnels or GlobalProtect gateways for remote access.
How to mitigate CVE-2026-0269
Install security update from vendor's website.