CVE-2026-0300

Published 06/05/2026 02:00 · Modified 15/05/2026 16:47 · Author: The MITRE Corporation

Essential information

Published: 06/05/2026 02:00
Modified: 15/05/2026 16:47
Author: The MITRE Corporation
Creator: The MITRE Corporation
CVSS: 9.8 CRITICAL (v3.1), 9.3 CRITICAL (v4.0)
CISA KEV: Yes
CWE: CWE-787
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.

NVD status

Status: Received (CVE has been recently published to the CVE List and has been received by the NVD)
Source: [email protected]

Affected products (CPE)

Product: palo alto networks / pan-os
CPE: cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*

References