CVE-2026-0264: CWE-122 Heap-based Buffer Overflow in Palo Alto Networks Cloud NGFW
A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service (DoS) condition (all PAN-OS platforms except Cloud NGFW and Prisma Access) or potentially execute arbitrary code by sending specially crafted network traffic (PA-Series hardware only). Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
AI Analysis
Technical Summary
This vulnerability (CVE-2026-0264) involves a heap-based buffer overflow (CWE-122) in the DNS proxy and DNS Server components of Palo Alto Networks PAN-OS software on PA-Series hardware. Exploitation requires network access and no authentication, allowing an attacker to cause denial of service or potentially execute arbitrary code via specially crafted network traffic. The vulnerability does not affect Panorama, Cloud NGFW, or Prisma Access products. The CVSS 4.0 score is 7.2, indicating high severity. No patch or official remediation level has been provided in the available information.
Potential Impact
Successful exploitation can lead to denial of service or arbitrary code execution on affected PA-Series hardware running PAN-OS. This could disrupt network security functions or allow attacker control over the device. Cloud NGFW and Prisma Access are explicitly not affected, limiting impact to on-premises PA-Series hardware. No known exploits in the wild have been reported to date.
Mitigation Recommendations
Patch status is not yet confirmed — check the Palo Alto Networks vendor advisory for current remediation guidance. Since Panorama, Cloud NGFW, and Prisma Access are not impacted, no action is required for those products. For affected PA-Series hardware, monitor vendor communications for patches or official mitigations. Do not assume a fix is available until confirmed by Palo Alto Networks.
CVE-2026-0264: CWE-122 Heap-based Buffer Overflow in Palo Alto Networks Cloud NGFW
Description
A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service (DoS) condition (all PAN-OS platforms except Cloud NGFW and Prisma Access) or potentially execute arbitrary code by sending specially crafted network traffic (PA-Series hardware only). Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2026-0264) involves a heap-based buffer overflow (CWE-122) in the DNS proxy and DNS Server components of Palo Alto Networks PAN-OS software on PA-Series hardware. Exploitation requires network access and no authentication, allowing an attacker to cause denial of service or potentially execute arbitrary code via specially crafted network traffic. The vulnerability does not affect Panorama, Cloud NGFW, or Prisma Access products. The CVSS 4.0 score is 7.2, indicating high severity. No patch or official remediation level has been provided in the available information.
Potential Impact
Successful exploitation can lead to denial of service or arbitrary code execution on affected PA-Series hardware running PAN-OS. This could disrupt network security functions or allow attacker control over the device. Cloud NGFW and Prisma Access are explicitly not affected, limiting impact to on-premises PA-Series hardware. No known exploits in the wild have been reported to date.
Mitigation Recommendations
Patch status is not yet confirmed — check the Palo Alto Networks vendor advisory for current remediation guidance. Since Panorama, Cloud NGFW, and Prisma Access are not impacted, no action is required for those products. For affected PA-Series hardware, monitor vendor communications for patches or official mitigations. Do not assume a fix is available until confirmed by Palo Alto Networks.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- palo_alto
- Date Reserved
- 2025-11-03T20:44:24.711Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a04ba1fcbff5d8610f4824a
Added to database: 5/13/2026, 5:51:27 PM
Last enriched: 5/13/2026, 6:08:52 PM
Last updated: 5/14/2026, 6:47:03 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.