patchletter

The current version of PAN-OS is 12.1.7-h1 (as of 22/06/2026).

PAN-OS

Palo Alto Networks · current 12.1.7-h1

Actively exploited vulnerabilities

The US cybersecurity agency CISA lists these vulnerabilities in its catalog of Known Exploited Vulnerabilities. Check your version and patch or mitigate promptly.

  • CVE-2019-1579Palo Alto Networks PAN-OS Remote Code Execution VulnerabilityRansomware
  • CVE-2020-2021Palo Alto Networks PAN-OS Authentication Bypass VulnerabilityRansomware
  • CVE-2024-3400Palo Alto Networks PAN-OS Command Injection VulnerabilityRansomware
  • CVE-2024-0012Palo Alto Networks PAN-OS Management Interface Authentication Bypass VulnerabilityRansomware
  • CVE-2024-9474Palo Alto Networks PAN-OS Management Interface OS Command Injection VulnerabilityRansomware
  • CVE-2017-15944Palo Alto Networks PAN-OS Remote Code Execution Vulnerability
  • CVE-2022-0028Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability
  • CVE-2024-3393Palo Alto Networks PAN-OS Malicious DNS Packet Vulnerability
  • CVE-2025-0108Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
  • CVE-2025-0111Palo Alto Networks PAN-OS File Read Vulnerability
  • CVE-2026-0300Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability
  • CVE-2026-0257Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

Source: CISA KEV. The CVE is matched to the product automatically — when in doubt, the linked NVD entry applies.

PAN-OS at a glance

PAN-OS is the operating system on Palo Alto Networks firewalls, a mainstay in larger enterprises. Palo Alto ships PAN-OS releases plus security advisories; as a perimeter platform — and one that has seen actively exploited vulnerabilities — prompt patching is essential.

For admins the right combination of PAN-OS version and content updates matters, along with management/firewall (Panorama) compatibility. Never expose the management interface to the internet, apply advisories on a priority basis, and take a config snapshot before upgrading. On HA pairs follow the documented order, and read the known issues. After upgrading, verify VPN and critical policies. Track the PAN-OS version and its support lifecycle per platform; subscribe to Palo Alto's security advisories.

Support cycles (endoflife.date)

CycleLatest versionStatus
12.112.1.7-h1EOL 28 Aug 28
11.211.2.12EOL 2 May 27
11.111.1.15EOL 3 May 27
11.011.0.6-h1End of Life
10.210.2.18-h7End of Life
10.110.1.14-h20End of Life
10.010.0.12-h6End of Life
9.19.1.19End of Life

Release history · as detected by patchletter

VersionChannelDateNotes
12.1.7-h1STABLE22/06/2026Release notes →

Never miss a PAN-OS update

We check the source daily and email you — instantly or as a digest. Free, one-click unsubscribe.

Watch PAN-OS

Related tools in Firewalls & Security