PAN-OS CAS Auth Bypass (CVE-2026-0265)
CVE-2026-0265 Published on May 13, 2026

PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled
An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used. The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by this vulnerability.

Vendor Advisory NVD

Timeline

Initial Publication.

Weakness Type

Improper Verification of Cryptographic Signature

The software does not verify, or incorrectly verifies, the cryptographic signature for data.


Products Associated with CVE-2026-0265

Want to know whenever a new CVE is published for Palo Alto Networks PAN-OS? stack.watch will email you.

Palo Alto Networks PAN-OS
 

Affected Versions

Palo Alto Networks Cloud NGFW: Palo Alto Networks PAN-OS: Palo Alto Networks Prisma Access:

Exploit Probability

EPSS
0.08%
Percentile
22.62%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.