Rapid7 Blog ·EN Vendor research Exploited in the wildPAN-OSPrisma AccessGlobalProtect
Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)
Overview
On May 13, 2026, Palo Alto Networks published a security CVE-2026-0257">advisory for CVE-2026-0257, a medium severity authentication bypass affecting PAN-OS and Prisma Access when a specific configuration is present. Successful exploitation of this vulnerability allows a remote unauthenticated attacker to successfully establish a VPN connection through the GlobalProtect gateway of an affected appliance.…