Informational Bulletin: Impact assessment of OSS CVEs in PAN-OS
Low RiskCVSS 0PAN-SA-2026-0006Apr 8, 2026
Palo Alto Networks
IT in OT - Palo Alto firewalls are commonly deployed at IT/OT network boundaries
Summary
Palo Alto Networks evaluated multiple open source software CVEs for impact to PAN-OS. The evaluation concluded that while PAN-OS software may include the affected open source packages, no exploitation scenarios exist in PAN-OS and the product is not impacted by these vulnerabilities.
What this means
What could happen
Palo Alto Networks has determined that PAN-OS is not impacted by the open source software CVEs evaluated in this bulletin. No vulnerability exploitation scenarios exist in the PAN-OS context.
Who's at risk
This advisory does not identify any vulnerable scenarios in PAN-OS. Organizations running PAN-OS do not need to take action based on this bulletin.
How it could be exploited
No exploitation path exists. While PAN-OS may include the affected open source packages, the architectural or configuration requirements needed to exploit these vulnerabilities in PAN-OS are not present.
โโ Navigate ยท Esc Close
API:
/api/v1/advisories/87f35b37-947a-4a5e-89ba-624ca53369abGet OT security insights every Tuesday
Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.