Informational Bulletin: OSS CVEs Fixed in PAN-OS

Low Risk | CVSS 0 | PAN-SA-2026-0005 | Apr 8, 2026
Palo Alto Networks
IT in OT - Palo Alto firewalls are commonly deployed at IT/OT network boundaries
Summary

Palo Alto Networks has identified and fixed multiple open source software (OSS) CVEs in PAN-OS as a precautionary measure. The vendor determined these CVEs do not have significant impact on PAN-OS functionality or security posture, but elected to remediate them during routine patching cycles.

What this means
What could happen
These CVEs pose minimal direct risk to PAN-OS operations. However, patching eliminates potential future exploitation vectors and improves the overall security posture of your firewall appliances.
Who's at risk
Organizations running Palo Alto Networks PAN-OS firewalls should be aware of these OSS CVE patches. This affects firewall administrators managing perimeter security and network access control.
How it could be exploited
The advisory does not identify practical exploitation paths for these OSS CVEs within PAN-OS. The vendor determined no significant impact, indicating these flaws are not readily exploitable in the context of PAN-OS operation.
Prerequisites
  • No specific prerequisites identified; vulnerabilities assessed as having no significant impact on PAN-OS
no significant direct impact on PAN-OS | precautionary fix | OSS dependencies in firewall software
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Apply PAN-OS updates that include OSS CVE fixes during your next scheduled maintenance window