CVE-2026-0280 PUBLISHED

PAN-OS: IPv6 Firewall Policy Bypass

Assigner: palo_alto
Reserved: 03.11.2025 Published: 09.07.2026 Updated: 09.07.2026

An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services.

Cloud NGFW and Panorama are not impacted by this vulnerability.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/AU:Y/V:D/RE:M/U:Amber
CVSS Score: 1.7

Product Status

Vendor Palo Alto Networks
Product Cloud NGFW
Versions Default: unaffected
  • Version All is unaffected
Vendor Palo Alto Networks
Product PAN-OS
Versions Default: unaffected
  • affected from 12.1.0 to 12.1.8 (excl.)
  • affected from 11.2.0 to 11.2.13 (excl.)
  • affected from 11.1.0 to 11.1.16 (excl.)
  • affected from 10.2.0 to 10.2.18-h8 (excl.)
Vendor Palo Alto Networks
Product Panorama
Versions Default: unaffected
  • Version All is unaffected
Vendor Palo Alto Networks
Product Prisma Access
Versions Default: unaffected
  • affected from 11.2.0 to 11.2.7-h18 (excl.)
  • affected from 10.2.0 to 10.2.10-h39 (excl.)

Affected Configurations

This issue applies to PAN-OS firewalls with IPv6 enabled on one or more interfaces.

You can verify IPv6 is enabled by checking:  Network -> Interfaces -> [Interface with Layer3 type] -> IPv6 > Enable IPv6 on the interface

Exploits

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Credits

  • Curious of TRAPA Security finder

References

Problem Types

  • CWE-131 Incorrect Calculation of Buffer Size CWE

Impacts

  • CAPEC-153 Input Data Manipulation