CVE-2026-0257 – Palo Alto Networks Cloud NGFW
CVSS 9.1
CRITICAL
“Active exploitation against cloud firewall infrastructure turns perimeter defense into an urgent business risk.”
Palo Alto Networks released patches for two actively exploited vulnerabilities affecting Cloud NGFW. CVE-2026-0257 has a CVSS score of 7.8, which is High severity. CVE-2026-0300 has a CVSS score of 9.3, which is Critical severity.
The update addresses trust and memory safety issues. One vulnerability could allow remote code execution and privilege escalation, making this patch critical for exposed cloud firewall environments.
Key Details
- Affected Product
- Paloaltonetworks Pan-os
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-565
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.