CVE-2026-0263
Published 2026-05-13
Priority P351 · high · 7.2 (CVSS 4.0)
Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:H/U:Red
EPSS: 0.31% (22.6th percentile)
A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service (DoS) condition.
Panorama, Cloud NGFW, and Prisma® Access are not impacted by these vulnerabilities.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | pan-os | >= 11.1.0 < 11.1.15, 11.1.13-h5, 11.1.10-h25, 11.1.7-h6, 11.1.6-h32, 11.1.4-h33 | 11.1.15, 11.1.13-h5, 11.1.10-h25, 11.1.7-h6, 11.1.6-h32, 11.1.4-h33 |
| palo_alto_networks | pan-os | >= 11.2.0 < 11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17 | 11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17 |
| palo_alto_networks | pan-os | >= 12.1.0 < 12.1.7, 12.1.4-h5 | 12.1.7, 12.1.4-h5 |
| paloalto | cloud_ngfw | — | — |
| paloalto | pan-os | — | — |
| paloalto | prisma_access | — | — |
Palo Alto
PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing
vendor_paloalto·CVSS 7.2
CVE-2026-0263 [HIGH] CWE-787 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing
Affected products: Cloud NGFW, PAN-OS, Prisma Access
Solution:

| Version | Minor version | Suggested solution |
|---|---|---|
| Cloud NGFW | | No action needed. |
| PAN-OS 12.1 | 12.1.5 through 12.1.6 | Upgrade to 12.1.7 or later. |
| | 12.1.2 through 12.1.4-h* | Upgrade to 12.1.4-h5 or 12.1.7 or later. |
| PAN-OS 11.2 | 11.2.11 or later | Upgrade to 11.2.12 or later. |
| | 11.2.8 through 11.2.10-h* | Upgrade to 11.2.10-h6 or 11.2.12 or later. |

11.2.5 th
GHSA
GHSA-xqxf-q4xj-jxh3: A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to exe
ghsa_unreviewed·2026-05-13
CVE-2026-0263 [HIGH] CWE-787 GHSA-xqxf-q4xj-jxh3: A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to exe
VulDB
Palo Alto Cloud NGFW/PAN-OS/Prisma Access IKEv2 out-of-bounds write (EUVD-2026-30064)
vuldb·2026-05-13·CVSS 7.2
CVE-2026-0263 [HIGH] Palo Alto Cloud NGFW/PAN-OS/Prisma Access IKEv2 out-of-bounds write (EUVD-2026-30064)
A vulnerability identified as critical has been detected in Palo Alto Cloud NGFW, PAN-OS and Prisma Access. Affected is an unknown function of the component IKEv2 Handler. The manipulation leads to out-of-bounds write.
This vulnerability is traded as CVE-2026-0263. It is possible to initiate the attack remotely. There is no exploit available.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-05-13