CVE Tools
Back to feed
Palo Alto Unit 42 ·EN-US Vendor research Exploited in the wildPAN-OSGlobalProtect (portal and gateway)

Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257

By Andy Piazza, Unit 42··3 min read

Palo Alto Networks Unit 42 has observed active exploitation of PAN-OS vulnerability CVE-2026-0257">CVE-2026-0257 by an unidentified threat actor attempting to access GlobalProtect. This security flaw involves an authentication bypass in the portal and gateway components of vulnerable versions of PAN-OS® software, which could allow unauthorized attackers to circumvent security controls and initiate VPN connections. This CVE was added to the Known Exploited Vulnerability (KEV) catalog on May 29.…

Continue reading on Palo Alto Unit 42