THREAT OPS › CVEs › CVE-2026-0300
CVE-2026-0300 — Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability
Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.
Vulnerability details
- Affected productsPAN-OS
- KEV remediation due2026-05-09