CVE-2026-0258— PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-0258
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching
Source: NVD (National Vulnerability Database)
Vulnerability Description
A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service (DoS) condition. Panorama, Cloud NGFW and Prisma® Access are not impacted by these vulnerabilities.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
服务端请求伪造(SSRF)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Palo Alto Networks PAN-OS 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Palo Alto Networks PAN-OS是美国Palo Alto Networks公司的一套为其防火墙设备开发的操作系统。 Palo Alto Networks PAN-OS存在代码问题漏洞,该漏洞源于IKEv2实现中的服务端请求伪造问题,可能导致未认证攻击者使防火墙向意外目的地发送网络请求或造成拒绝服务条件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Palo Alto Networks | Cloud NGFW | - | - | |
| Palo Alto Networks | PAN-OS | 12.1.0 ~ 12.1.7, 12.1.4-h5 | cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:* | |
| Palo Alto Networks | Prisma Access | - | - |
II. Public POCs for CVE-2026-0258
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-0258
请登录查看更多情报信息。
Same Patch Batch · Palo Alto Networks · 2026-05-13 · 26 CVEs total
| CVE-2026-0238 | Broker VM: Improper Input Validation in Broker VM Certificate and Key Fields | |
| CVE-2026-0242 | Trust Protection Foundation: SQL Injection Vulnerability | |
| CVE-2026-0245 | Prisma Access Agent: Information Disclosure Vulnerabilities | |
| CVE-2026-0259 | WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire App | |
| CVE-2026-0236 | Prisma Browser: Code Injection Enables Security Controls Bypass | |
| CVE-2026-0241 | Trust Protection Foundation: Multiple Authorization Bypass Vulnerabilities | |
| CVE-2026-0261 | PAN-OS: Authenticated Admin Command Injection Vulnerability | |
| CVE-2026-0265 | PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled | |
| CVE-2026-0243 | Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through IPv6 Crafted Packet | |
| CVE-2026-0262 | PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing | |
| CVE-2026-0237 | Prisma Browser: Improperly Restricted Automation Bridge Allows Security Bypass | |
| CVE-2026-0247 | Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities | |
| CVE-2026-0256 | PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface | |
| CVE-2026-0250 | GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway | |
| CVE-2026-0264 | PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remo | |
| CVE-2026-0235 | Prisma Browser: Access and Data Rule Bypass | |
| CVE-2026-0251 | GlobalProtect App: Local Privilege Escalation Vulnerabilities | |
| CVE-2026-0249 | GlobalProtect App: Certificate Validation Bypass Vulnerabilities | |
| CVE-2026-0240 | Trust Protection Foundation: Sensitive Information Disclosure Vulnerability | |
| CVE-2026-0244 | Prisma SD-WAN: Improper Certificate Validation Vulnerability |
Showing top 20 of 26 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Cloud NGFW
- CVE-2026-0256
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in t - CVE-2026-0257
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities - CVE-2026-0261
PAN-OS: Authenticated Admin Command Injection Vulnerability - CVE-2026-0262
PAN-OS: Denial of Service Vulnerabilities in Network Traffic - CVE-2026-0263
PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing
Same vendor: Palo Alto Networks
- CVE-2026-0243
Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through - CVE-2026-0248
Prisma Access Agent: Improper Certificate Validation Vulnera - CVE-2026-0242
Trust Protection Foundation: SQL Injection Vulnerability - CVE-2026-0244
Prisma SD-WAN: Improper Certificate Validation Vulnerability - CVE-2026-0241
Trust Protection Foundation: Multiple Authorization Bypass V
Same weakness: CWE-918
- CVE-2026-45338
Open WebUI: SSRF via OAuth Profile Picture URL in _process_p - CVE-2026-45347
Open WebUI: Blind server side request forgery (SSRF) via the - CVE-2026-45400
Open WebUI: Server-Side Request Forgery (SSRF) bypass in `va - CVE-2026-45401
Open WebUI: SSRF Bypass via HTTP Redirect Following in Web-F - CVE-2026-45331
Open WebUI: Full SSRF Vulnerability in the RAG Web Search Fe
V. Comments for CVE-2026-0258
No comments yet