CVE Tools
Back to feed
Bishop Fox ·EN-US Vendor research Patch releasedPAN-OSPanorama

Detecting CVE-2026-0265 at Scale: PAN-OS CAS Authentication Bypass

By Jon Williams, John Untz, Bishop Fox Researchers··10 min read
TL;DR

CVE-2026-0265">CVE-2026-0265is a pre-authentication JSON Web Token (JWT) signature bypass in PAN-OS and Panorama, reachable only when Cloud Authentication Service (CAS) is attached to an authentication profile. Bishop Fox has published aCVE-2026-0265-check">detection scriptthat returns a definitive vulnerable / not-vulnerable verdict per GlobalProtect portal from a single anonymous HTTP request. Patch to a fixed version (10.2.18+, 11.1.15+, 11.2.12+, 12.1.7+) or detach CAS from affected profiles as a workaround.…

Continue reading on Bishop Fox