A previous virtually identical zero day DoS vulnerability was targeted in the wild, and there's already a PoC for this one.

CSO Online offers insights into cybersecurity, risk management, and IT leadership, providing articles, reports, and expert analysis to help security professionals navigate the evolving threat landscape and protect their organizations from cyber attacks. By exploring CSO Online's curated content, CISOs, security managers, and IT executives can learn about threat intelligence, security frameworks, and incident response strategies for building resilient cybersecurity programs. Whether you're defending against ransomware, phishing attacks, or insider threats, CSO Online offers resources to strengthen your security posture and safeguard your digital assets.

CSO Online

Palo Alto Networks released patches for CVE-2026-0227, a high-severity denial-of-service vulnerability affecting PAN-OS firewalls with GlobalProtect enabled. Unauthenticated attackers can exploit this flaw to force firewalls into maintenance mode, causing network outages. Proof-of-concept code exists, and a similar vulnerability was exploited as a zero-day in 2024. Most Prisma Access cloud customers are already patched, but PAN-OS NGFW users must apply patches manually based on their version. The vulnerability poses an availability risk rather than a direct security compromise.

Palo Alto Networks patches firewalls after discovery of a new denial-of-service flaw