๐Ÿ” CVE Alert

CVE-2026-0288

UNKNOWN 0.0

PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent

CVSS Score
0.0
EPSS Score
0.5%
EPSS Percentile
41th

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic. The security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only. . Panorama is not impacted by this vulnerability.

CWE CWE-787
Vendor palo alto networks
Product cloud ngfw
Published Jul 8, 2026
Last Updated Jul 9, 2026
Stay Ahead of the Next One

Get instant alerts for palo alto networks cloud ngfw

Be the first to know when new unknown vulnerabilities affecting palo alto networks cloud ngfw are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Palo Alto Networks / Cloud NGFW
All versions affected
Palo Alto Networks / PAN-OS
12.1.0 < 12.1.8 11.2.0 < 11.2.13 11.1.0 < 11.1.16 10.2.0 < 10.2.7-h36
Palo Alto Networks / Prisma Access
11.2.0 < 11.2.7-h18 10.2.0 < 10.2.10-h39

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
security.paloaltonetworks.com: https://security.paloaltonetworks.com/

Credits

Liang Zhu