CVE-2026-0300

N/ACISA KEV

Description

A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.

CVE Details

CVSS v3.1 ScoreN/A

Published5/6/2026

Last Modified5/7/2026

Sourcenvd

Honeypot Sightings0

CISA KEV

VendorPalo Alto Networks

ProductPAN-OS

Vulnerability NamePalo Alto Networks PAN-OS Out-of-bounds Write Vulnerability

KEV Date Added2026-05-06

Remediation Due Date2026-05-09

Ransomware UseUnknown

Weaknesses (CWE)

CWE-787

References

https://security.paloaltonetworks.com/CVE-2026-0300(psirt@paloaltonetworks.com)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0300(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.