{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-0265","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","state":"PUBLISHED","assignerShortName":"palo_alto","dateReserved":"2025-11-03T20:44:25.538Z","datePublished":"2026-05-13T17:38:33.822Z","dateUpdated":"2026-05-14T10:31:44.019Z"},"containers":{"cna":{"providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2026-05-13T17:38:33.822Z"},"title":"PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled","datePublic":"2026-05-13T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-347","description":"CWE-347 Improper Verification of Cryptographic Signature","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-115","descriptions":[{"lang":"en","value":"CAPEC-115 Authentication Bypass"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"status":"affected","version":"12.1.0","lessThan":"12.1.7, 12.1.4-h5","changes":[{"at":"12.1.4-h5","status":"unaffected"},{"at":"12.1.7","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17","changes":[{"at":"11.2.4-h17","status":"unaffected"},{"at":"11.2.7-h13","status":"unaffected"},{"at":"11.2.10-h6","status":"unaffected"},{"at":"11.2.12","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.15, 11.1.13-h5, 11.1.10-h25, 11.1.7-h6, 11.1.6-h32, 11.1.4-h33","changes":[{"at":"11.1.4-h33","status":"unaffected"},{"at":"11.1.6-h32","status":"unaffected"},{"at":"11.1.7-h6","status":"unaffected"},{"at":"11.1.10-h25","status":"unaffected"},{"at":"11.1.13-h5","status":"unaffected"},{"at":"11.1.15","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34","changes":[{"at":"10.2.7-h34","status":"unaffected"},{"at":"10.2.10-h36","status":"unaffected"},{"at":"10.2.13-h21","status":"unaffected"},{"at":"10.2.16-h7","status":"unaffected"},{"at":"10.2.18-h6","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:a:palo_alto_networks:cloud_ngfw:all:*:*:*:*:*:*:*"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.7_12.1.4-h5"},{"vulnerable":true,"criteria":"cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.12_11.2.10-h6_11.2.7-h13_11.2.4-h17"},{"vulnerable":true,"criteria":"cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0","versionEndExcluding":"11.1.15_11.1.13-h5_11.1.10-h25_11.1.7-h6_11.1.6-h32_11.1.4-h33"},{"vulnerable":true,"criteria":"cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.0","versionEndExcluding":"10.2.18-h6_10.2.16-h7_10.2.13-h21_10.2.10-h36_10.2.7-h34"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:a:palo_alto_networks:prisma_access:all:*:*:*:*:*:*:*"}]}]}],"descriptions":[{"lang":"en","value":"An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled.\n\n\n\nThe risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used.\n\nThe risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW and Prisma Access® are not impacted by this vulnerability.","supportingMedia":[{"type":"text/html","base64":false,"value":"

An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled.

The risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used.

The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines.

This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).

Cloud NGFW and Prisma Access® are not impacted by this vulnerability.

"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0265","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the internet."}],"cvssV4_0":{"attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"RED","version":"4.0","baseSeverity":"HIGH","baseScore":7.2,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Red"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"If you configure restricted access to a jump box that is the only system allowed to access the management interface, you greatly reduce the risk of exploitation because attacks would require privileged access using only those IP addresses."}],"cvssV4_0":{"attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","version":"4.0","baseSeverity":"MEDIUM","baseScore":4.8,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"If authentication profile with CAS is enabled on any other login based interface, the risk is lower."}],"cvssV4_0":{"attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","subIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","version":"4.0","baseSeverity":"LOW","baseScore":2.7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"}}],"configurations":[{"lang":"eng","value":"Customers are impacted if the following conditions are true:\n\n 1. Authentication Profile with CAS is enabled and\n 2. Authentication profile is attached to a login interface.\n\nTo verify if you have CAS enabled, see our documentation on authentication profile in management interface (https://docs.paloaltonetworks.com/ngfw/help/10-2/device/device-authentication-profile/configure-an-authentication-profile). \n\nTo verify if the CAS authentication profile is attached to your configurations in the PAN-OS management interface:\n\n 1. Navigate to Device > Setup > Management > Authentication Settings > Authentication Profile.\n 2. Navigate to Device > User Identification > Authentication Portal Settings.\n 3. Navigate to Network > Gateways > GlobalProtect Gateway Configuration.\n 4. Navigate to Network > Portals > GlobalProtect Portal Configuration.\n\nTo verify if the CAS authentication profile is attached to your configurations in the SCM profile:\n\n 1. Navigate to Configuration > NGFW and Prisma Access in the SCM profile. Go to Identity Services > Authentication > Authentication Profile. \n 2. Navigate to Device > Device Setup > Authentication and Accounting Settings > Authentication profile, and confirm the attached profile is set to CAS as auth method.","supportingMedia":[{"type":"text/html","base64":false,"value":"

Customers are impacted if the following conditions are true:

  1. Authentication Profile with CAS is enabled and
  2. Authentication profile is attached to a login interface.

To verify if you have CAS enabled, see our documentation on authentication profile in management interface

To verify if the CAS authentication profile is attached to your configurations in the PAN-OS management interface:

  1. Navigate to Device > Setup > Management > Authentication Settings > Authentication Profile.
  2. Navigate to Device > User Identification > Authentication Portal Settings.
  3. Navigate to Network > Gateways > GlobalProtect Gateway Configuration.
  4. Navigate to Network > Portals > GlobalProtect Portal Configuration.

To verify if the CAS authentication profile is attached to your configurations in the SCM profile:

  1. Navigate to Configuration > NGFW and Prisma Access in the SCM profile. Go to Identity Services > Authentication > Authentication Profile.  
  2. Navigate to Device > Device Setup > Authentication and Accounting Settings > Authentication profile, and confirm the attached profile is set to CAS as auth method.
"}]}],"workarounds":[{"lang":"eng","value":"The vast majority of firewalls already follow Palo Alto Networks' and industry best practices. However, if you haven’t already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines. Specifically, you should restrict access to the management interface to only trusted internal IP addresses to prevent external access from the internet.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n * Palo Alto Networks LIVEcommunity article: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\n * Palo Alto Networks official and more detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices \n\nTo temporarily mitigate this issue, customers can disable the Cloud Authentication Service (CAS) by changing the associated authentication profile to SAML, RADIUS, or other supported authentication methods.\n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510008 from Applications and Threats content version 9100-10044 and later. Threat ID 510008 depends on features present in PAN-OS 11.2 and above.\n\nTo ensure the Threat ID provides effective protection against this vulnerability, follow these steps:\n\n * Route incoming traffic for the MGT port through a DP port (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba), e.g., enabling management profile on a DP interface for management access. \n * Ensure that vulnerability protection security profile is applied to your GlobalProtect interface (https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184). \n * Replace the default certificate for Inbound Traffic Management (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c). \n * Decrypt inbound traffic to the management interface so the firewall can inspect it (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2). \n * Enable Threat Prevention on the inbound traffic to management services.","supportingMedia":[{"type":"text/html","base64":false,"value":"

The vast majority of firewalls already follow Palo Alto Networks' and industry best practices. However, if you haven’t already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines. Specifically, you should restrict access to the management interface to only trusted internal IP addresses to prevent external access from the internet.

Review information about how to secure management access to your Palo Alto Networks firewalls:

To temporarily mitigate this issue, customers can disable the Cloud Authentication Service (CAS) by changing the associated authentication profile to SAML, RADIUS, or other supported authentication methods.

Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510008 from Applications and Threats content version 9100-10044 and later. Threat ID 510008 depends on features present in PAN-OS 11.2 and above.

To ensure the Threat ID provides effective protection against this vulnerability, follow these steps:
"}]}],"solutions":[{"lang":"eng","value":"VERSION MINOR VERSION RANGE SUGGESTED SOLUTION\nCloud NGFW No action needed.\nPAN-OS 12.1 12.1.5 through 12.1.6 Upgrade to 12.1.7 or later.\n 12.1.2 through 12.1.4-h* Upgrade to 12.1.4-h5 or 12.1.7 or later.\nPAN-OS 11.2 11.2.11 or later Upgrade to 11.2.12 or later.\n 11.2.8 through 11.2.10-h* Upgrade to 11.2.10-h6 or 11.2.12 or later.\n 11.2.5 through 11.2.7-h* Upgrade to 11.2.7-h13 or 11.2.12 or later.\n 11.2.0 through 11.2.4-h* Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1 11.1.14 or later Upgrade to 11.1.15 or later.\n 11.1.11 through 11.1.13-h* Upgrade to 11.1.13-h5 or 11.1.15 or later.\n 11.1.8 through 11.1.10-h* Upgrade to 11.1.10-h25 or 11.1.15 or later.\n 11.1.7 through 11.1.7-h* Upgrade to 11.1.7-h6 or 11.1.15 or later.\n 11.1.5 through 11.1.6-h* Upgrade to 11.1.6-h32 or 11.1.15 or later.\n 11.1.0 through 11.1.4-h* Upgrade to 11.1.4-h33 or 11.1.15 or later.\nPAN-OS 10.2 10.2.17 through 10.2.18-h* Upgrade to 10.2.18-h6 or later.\n 10.2.14 through 10.2.16-h* Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n 10.2.11 through 10.2.13-h* Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n 10.2.8 through 10.2.10-h* Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n 10.2.0 through 10.2.7-h* Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\nAll older Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access No action needed.","supportingMedia":[{"type":"text/html","base64":false,"value":"
VersionMinor Version RangeSuggested Solution
Cloud NGFW
No action needed.
PAN-OS 12.112.1.5 through 12.1.6Upgrade to 12.1.7 or later.

12.1.2 through 12.1.4-h*Upgrade to 12.1.4-h5 or 12.1.7 or later.
PAN-OS 11.211.2.11 or laterUpgrade to 11.2.12 or later.

11.2.8 through 11.2.10-h*Upgrade to 11.2.10-h6 or 11.2.12 or later.

11.2.5 through 11.2.7-h*Upgrade to 11.2.7-h13 or 11.2.12 or later.

11.2.0 through 11.2.4-h*Upgrade to 11.2.4-h17 or 11.2.12 or later.
PAN-OS 11.111.1.14 or laterUpgrade to 11.1.15 or later.

11.1.11 through 11.1.13-h*Upgrade to 11.1.13-h5 or 11.1.15 or later.

11.1.8 through 11.1.10-h*Upgrade to 11.1.10-h25 or 11.1.15 or later.

11.1.7 through 11.1.7-h*Upgrade to 11.1.7-h6 or 11.1.15 or later.

11.1.5 through 11.1.6-h*Upgrade to 11.1.6-h32 or 11.1.15 or later.

11.1.0 through 11.1.4-h*Upgrade to 11.1.4-h33 or 11.1.15 or later.
PAN-OS 10.210.2.17 through 10.2.18-h*Upgrade to 10.2.18-h6 or later.

10.2.14 through 10.2.16-h*Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.

10.2.11 through 10.2.13-h*Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.

10.2.8 through 10.2.10-h*Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.

10.2.0 through 10.2.7-h*Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.
All older
unsupported
PAN-OS versions
Upgrade to a supported fixed version.
Prisma Access
No action needed.
"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"

Palo Alto Networks is not aware of any malicious exploitation of this issue.

"}]}],"timeline":[{"time":"2026-05-13T16:00:00.000Z","lang":"en","value":"Initial Publication."}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Harsh Jaiswal from Hacktron AI and our internal security research teams for discovering and reporting this issue.","type":"other"}],"source":{"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 12.1.6","PAN-OS 12.1.5","PAN-OS 12.1.4-h3","PAN-OS 12.1.4-h2","PAN-OS 12.1.4","PAN-OS 12.1.3-h3","PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.11","PAN-OS 11.2.10-h5","PAN-OS 11.2.10-h4","PAN-OS 11.2.10-h3","PAN-OS 11.2.10-h2","PAN-OS 11.2.10-h1","PAN-OS 11.2.10","PAN-OS 11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h12","PAN-OS 11.2.7-h11","PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.14","PAN-OS 11.1.13-h3","PAN-OS 11.1.13-h2","PAN-OS 11.1.13-h1","PAN-OS 11.1.13","PAN-OS 11.1.12","PAN-OS 11.1.11","PAN-OS 11.1.10-h21","PAN-OS 11.1.10-h12","PAN-OS 11.1.10-h10","PAN-OS 11.1.10-h9","PAN-OS 11.1.10-h7","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h29","PAN-OS 11.1.6-h25","PAN-OS 11.1.6-h23","PAN-OS 11.1.6-h22","PAN-OS 11.1.6-h21","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h32","PAN-OS 11.1.4-h27","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.18-h5","PAN-OS 10.2.18-h1","PAN-OS 10.2.18","PAN-OS 10.2.17","PAN-OS 10.2.16-h6","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h18","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h31","PAN-OS 10.2.10-h30","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h32","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-05-14T03:56:30.849776Z","id":"CVE-2026-0265","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-05-14T10:31:44.019Z"}}]}}