CVE-2026-0261
PAN-OS: Authenticated Admin Command Injection Vulnerability
Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by these vulnerabilities.
| CWE | CWE-78 |
| Vendor | palo alto networks |
| Product | cloud ngfw |
| Published | May 13, 2026 |
| Last Updated | May 13, 2026 |
Get instant alerts for palo alto networks cloud ngfw
Be the first to know when new unknown vulnerabilities affecting palo alto networks cloud ngfw are published — delivered to Slack, Telegram or Discord.