PatchSiren

CVE-2026-0261 Palo Alto Networks CVE debrief

CVE-2026-0261 is a medium-severity vulnerability (CVSS score: 6.1) that affects Palo Alto Networks PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). The vulnerability allows an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user via the PAN-OS CLI or Web UI. The security risk is minimized by restricting CLI access to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses. Cloud NGFW and Prisma Access are not impacted by these vulnerabilities.

Vendor: Palo Alto Networks
Product: Cloud NGFW
CVSS: MEDIUM 6.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-13
Original CVE updated: 2026-06-09
Advisory published: 2026-05-13
Advisory updated: 2026-06-09

Who should care

Administrators of Palo Alto Networks PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series) should apply patches or mitigations to prevent exploitation.

Technical summary

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To exploit this issue, the user must have access to the PAN-OS CLI or Web UI.

Defensive priority

High

Recommended defensive actions

  • Restrict CLI access to a limited group of administrators.
  • Restrict access to the management web interface to only trusted internal IP addresses.
  • Apply patches or updates provided by Palo Alto Networks.

Evidence notes

The CVE record and details are sourced from official vulnerability databases and vendor notifications.

Official resources

CVE-2026-0261 was published on 2026-05-13T19:17:02.097Z.