Unauthenticated DoS in PAN-OS Data Plane via Crafted Traffic
CVE-2026-0287 Published on July 9, 2026
PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing
Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
Panorama is not impacted by these vulnerabilities.
Timeline
Initial publication
Weakness Type
Improper Check for Unusual or Exceptional Conditions
The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.
Products Associated with CVE-2026-0287
Want to know whenever a new CVE is published for Palo Alto Networks products? stack.watch will email you.
Affected Versions
Palo Alto Networks Cloud NGFW:- Version All is affected.
- Version 12.1.0 and below 12.1.4-h8 is affected.
- Version 11.2.0 and below 11.2.4-h20 is affected.
- Version 11.1.0 and below 11.1.4-h35 is affected.
- Version 10.2.0 and below 10.2.7-h36 is affected.
- Version 11.2.0 and below 11.2.7-h18 is affected.
- Version 10.2.0 and below 10.2.10-h39 is affected.