CVE-2026-0227 — Vulnetix

CVE-2026-0227 PUBLISHED CVSS 6.599999904632568 MEDIUM

A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue results in the firewall entering into maintenance mode.

EPSS 0.07% · 21.0th percentile

Risk Scores

CVSS v4.0

6.599999904632568

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:D/RE:M/U:Amber

EPSS Score

0.07%

21.0th percentile

Affected Products

Vendor	Product	Versions
Palo Alto Networks	PAN-OS	10.1.0, 10.2.0, 11.1.0
Palo Alto Networks	Prisma Access	10.2, 11.2, 10.2
palo_alto_networks	pan-os	12.1.2, 11.2.0, 11.1.0
paloaltonetworks	prisma_access
paloaltonetworks	pan-os	11.1.11, 10.2.10, 10.2.10
Palo Alto Networks	Cloud NGFW	*, All, All
palo_alto_networks	prisma_access	11.2, 11.2, 10.2

Timeline

Jan 14, 2026 PoC Published
Jan 14, 2026 PoC Published
Jan 14, 2026 PoC Published
Jan 15, 2026 CVE Published
Jan 15, 2026 PoC Published
Jan 15, 2026 PoC Published
Jan 15, 2026 PoC Published
Jan 15, 2026 PoC Published
Jan 15, 2026 PoC Published
Jan 15, 2026 PoC Published
Jan 15, 2026 PoC Published
Jan 15, 2026 PoC Published

References

https://security.paloaltonetworks.com/CVE-2026-0227 vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-0227 advisory
https://security.paloaltonetworks.com/CVE-2025-4620 url
https://security.paloaltonetworks.com/PAN-SA-2026-0001 advisory

Open in Interactive Console →