Incorrect Calculation of Buffer Size in Palo Alto PAN-OS - CVE-2026-0280

 

Incorrect Calculation of Buffer Size in Palo Alto PAN-OS - CVE-2026-0280

Published: July 10, 2026


Vulnerability identifier: #VU137309
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-0280
CWE-ID: CWE-131
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Palo Alto Networks, Inc.
Affected software:
Palo Alto PAN-OS

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass firewall security policy enforcement.

The vulnerability exists due to incorrect calculation of buffer size in the dataplane when processing IPv6 packets. A remote attacker can send crafted network traffic to bypass firewall security policy enforcement.

Only firewalls with IPv6 enabled on one or more interfaces are vulnerable. Cloud NGFW and Panorama are not impacted by this vulnerability.


How to mitigate CVE-2026-0280

Install security update from vendor's website.

Sources