Critical severity 9.8 · CISA KEV · NVD Advisory · Published May 6, 2026 · Updated May 12, 2026
CVE-2026-0300
Description
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.
The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail) by restricting access to only trusted internal IP addresses.
Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.
Affected products
164 CPE entries:
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h14:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h17:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h18:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h21:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h27:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h30:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h31:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h10:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h16:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h18:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h3:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h4:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h5:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h7:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.14:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.15:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:h1:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:h4:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:h6:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.17:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.18:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.18:h1:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.18:h5:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h24:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h32:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h1:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h10:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h12:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h21:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h4:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h5:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h7:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h9:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.11:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.12:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:h1:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:h2:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:h3:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.14:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h13:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h15:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h16:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h17:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h18:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h25:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h27:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h32:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h9:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h1:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h10:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h14:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h17:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h19:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h2:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h20:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h21:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h22:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h23:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h25:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h29:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h3:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h4:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h5:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h6:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h7:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:h1:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:h2:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:h4:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.8:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.1.9:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h1:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h2:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h3:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h4:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h5:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.11:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h10:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h11:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h12:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h14:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h15:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h4:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h5:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h6:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h7:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h8:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h9:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.5:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.6:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h1:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h10:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h11:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h12:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h2:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h3:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h4:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h7:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h8:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.8:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.9:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:12.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:12.1.3:*:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:12.1.4:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:12.1.4:h2:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:12.1.4:h3:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:12.1.5:-:*:*:*:*:*:*
- cpe:2.3:o:paloaltonetworks:pan-os:12.1.6:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:ruggedcom_ape1808_firmware:-:*:*:*:*:*:*:*
Patches
No patches discovered yet.
References
- cert-portal.siemens.com/productcert/html/ssa-967325.html (NVD: Third Party Advisory)
- security.paloaltonetworks.com/CVE-2026-0300 (NVD: Mitigation, Vendor Advisory)
- www.cisa.gov/known-exploited-vulnerabilities-catalog (NVD: US Government Resource)
News mentions
- CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS · Rapid7 Blog · May 14, 2026
- ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories · The Hacker News · May 14, 2026
- 11th May – Threat Intelligence Report · Check Point Research · May 11, 2026
- The Good, the Bad and the Ugly in Cybersecurity – Week 19 · SentinelOne Labs · May 8, 2026
- PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage · The Hacker News · May 7, 2026
- Palo Alto warns of critical software bug used in firewall attacks · The Record · May 6, 2026
- Critical Buffer Overflow in Palo Alto Networks PAN-OS User-ID Authentication Portal (CVE-2026-0300) · Rapid7 Blog · May 6, 2026
- Root-level RCE vulnerability in Palo Alto firewalls exploited (CVE-2026-0300) · Help Net Security · May 6, 2026
- Palo Alto Networks warns of firewall RCE zero-day exploited in attacks · BleepingComputer · May 6, 2026
- Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution · The Hacker News · May 6, 2026
- Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls · SecurityWeek · May 6, 2026
- CISA Adds One Known Exploited Vulnerability to Catalog · CISA Alerts