Fixed the support limitation for the Panorama M-600 and M-700 appliances.

Fixed an issue where, when exporting and importing CSV files, the hash values of pre-shared key variables set at template and template stack levels changed inconsistently, which resulted in both variables displaying the same hash value.

Fixed an issue where the web interface did not display a message to commit prior changes before attempting a partial configuration load.

Fixed an issue where the firewall lost the pre-shared key configuration assigned from a PSK variable when an unrelated device group configuration was loaded.

Fixed an issue where the CLI did not display a message to commit prior changes before loading a partial configuration.

Fixed an issue where the configuration audit displayed inaccurate information after partially loading the configuration via the CLI, which caused the audit to flag the configuration as deleted or changed.

(VM-Series firewalls only) Fixed an issue where unexpected failovers occurred on firewalls running PAN-OS 11.2.2-h2.

Fixed an issue where the dscd process stopped responding when Endpoint Serial Number was enabled, which resulted in the Active Directory returning a list of serial numbers for a specific firewall from the Cloud Identity Engine.

Fixed an issue where DNS Security intermittently logs malicious domain URLs as Alert instead of taking a Sinkhole action, even when configured to Sinkhole malicious DNS domains.

Fixed an issue where the detailed log view in Panorama did not display all packet details for traffic logs received from the cloud.

Fixed an issue where the firewall rebooted due to an out-of-bounds memory access that occurred as a result of the SIP content length value being split across packets.

Fixed an issue where the configd process stopped responding during a commit-all validation when there were uncommitted changes and share-unused-objects-with-devices was set to off.

Fixed an issue where the firewall dropped the AAAA DNS server response and caused delays in traffic from Ubuntu or Linux clients when DNS Security was enabled.

(Firewalls in active/passive HA configurations only) Fixed an issue where OSPF failed to establish after a failover from the active firewall to the passive firewall.

A fix was made to address CVE-2025-0116.

Fixed an issue on Panorama where Elasticsearch repeatedly restarted.

Fixed an issue where Preview Changes did not display configuration changes in Commit and push > Push Scope.

Fixed an issue on firewalls in HA configurations where OSPF neighbors were not established after an HA failover.

Fixed an issue where traffic was dropped when Data Loss Prevention or Advanced URL Filtering were enabled. This occurred when the payload size was greater than 3.5 KB.

Fixed an issue on Panorama where the web interface was slower than expected or unresponsive when monitoring definitions were added in the Kubernetes plugin.

Fixed an issue where the firewall dropped DNS traffic when using DNS Security.

A fix was made to address CVE-2025-0115.

Fixed an issue where, when the Advanced Routing Engine was configured with OSPF, the firewall stopped responding when attempting to connect to the neighbor while exchanging route maps.

Fixed an issue where partial commit or partial validation operations failed for non-super user administrators with the error <device-group-name> is invalid. meta data not found for dg <device-group-name>.

Fixed an issue where the displayed NTP information was incorrect if the DNS servers timed out.