CVE Tools

CVE-2026-0265

PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled

Published: May 13, 2026Updated: Jun 9, 2026 Sources: CVE List NVD BDUCWE-347

9.8CVSSCRITICAL

Patch Available

Description

An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used. The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by this vulnerability.

CVSS Vector Breakdown

Exploitability

AV:NAccess Vector

Network

AC:LAccess Complexity

Low

Impact

C:HConfidentiality

H

I:HIntegrity

H

A:HAvailability

H

Open in CVSS calculator →

Weaknesses

Affected Products

Cloud NGFW Palo Alto Networks Security Products

PAN-OS Palo Alto Networks Security Products

Prisma Access Palo Alto Networks Security Products

PAN-OS Palo Alto Networks Inc.Security Products

palo alto networkscommercialUSSecurity Productsaka pan-os, prisma access, cloud ngfw

palo alto networks inc.commercialUSSecurity Productsaka paloaltonetworks, pan inc.

Attack Graph

Products CVE Techniques Tactics

Click technique nodes to view MITRE ATT&CK details. Scroll to zoom, drag to pan.

Exploitability

0 exploit sources identified

Exploit details including PoC links, Metasploit modules, and scanner templates are available after registration.

View exploit details

Official Patch Available

Workaround Available

MITRE ATT&CK

1 technique

Collection

View detailed technique mapping

References

https://security.paloaltonetworks.com/CVE-2026-0265

security.paloaltonetworks.com

https://security.paloaltonetworks.com/CVE-2026-0265

security.paloaltonetworks.com

https://github.com/tstephens1080/palo-alto-cve-2026-0265-checker

and 1 more references View all →

Timeline

Published

May 13, 2026

Last Updated

Jun 9, 2026

News mentions

1

CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS
en·Rapid7 Blog·May 14, 2026

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2026-0265 and every CVE in our database. Create a free account — no credit card required.

Create Free Account

Plain-language analysis

Impact assessment and exploitation scenario in plain English

Attack graph visualization

Interactive attack path and kill chain mapping

Exploit details & PoC links

ExploitDB, Metasploit, GitHub PoCs with direct links

Nuclei scanner templates

Ready-to-use vulnerability scanner templates

Full remediation guide

Patch instructions, workarounds, and compliance impact

Interactive AI chat

Ask questions about this vulnerability in natural language

Related vulnerabilities

Semantically similar CVEs and attack patterns

REST API & MCP access

Integrate vulnerability data into your workflows