Fixed an issue where SNMP walks returned a value of 0 for the CPS (Connections Per Second) per vsys on firewalls after upgrading to PAN-OS 11.1.6-h3, even when active connections were present.

(VM-Series firewalls on Microsoft Azure environments only) Fixed an issue where firewall failed to bootstrap with a custom image, and VM-Series plugin information was not displayed in the system information.

Fixed an issue where a memory leak occurred related to the configd process when pushing configurations from Panorama to a firewall. This occurred when the configurations contained shared policy rules.

(PA-5400f firewalls only) Fixed an issue where SD-WAN SaaS monitoring did not work with URL monitoring.

Fixed an issue where the preferred_wnd value provided by CTD (Content Threat Detection) was disregarded due to TCP bandwidth estimation, which prevented the window from closing.

Fixed an issue where the MIB ID returned an incorrect value via SNMP.

Fixed an issue where sessions timed out sooner than expected due to the pan_proxy_accumulation _restore_timeout not initiating when the accumulationsession_init failed.

Fixed an issue on Panorama where commits took longer than expected.

Fixed an issue where BGP export policy rules with next-hop matching failed to block the advertisement of static routes, and the firewall incorrectly matched the egress interface IP address instead of the original next-hop IP address of the static route, which caused the deny rule to fail.

Fixed an issue where, when an application stopped responding, a large file was created in the /opt/panlogs directory, which caused the partition to fill up.

Fixed an issue where a large number of logs caused the logrcvr process to stop responding.

A fix was made to address CVE-2025-0133.

Fixed an issue where, when getting transceiver information from ESCC for SFP 25G modules, the transceiver code was incorrectly updated with Unknown instead of 25GBase-SR.

A fix was made to address CVE-2025-4229.

Fixed an issue where IPv6 BGP peering established between virtual routers even without dataplane connectivity. This occurred because the firewall used the kernel for lookups instead of the dataplane.

Fixed an issue where users were unable to log in to Panorama and the following error message was displayed: Timed out while getting config lock. Please try again. This occurred when pushing configurations to a large number of devices.