CVE Tools
Back to feed
Rapid7 Blog ·EN Vendor research Exploited in the wildPAN-OSPrisma AccessGlobalProtect

Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)

By Rapid7··10 min read

Overview

On May 13, 2026, Palo Alto Networks published a security CVE-2026-0257">advisory for CVE-2026-0257, a medium severity authentication bypass affecting PAN-OS and Prisma Access when a specific configuration is present. Successful exploitation of this vulnerability allows a remote unauthenticated attacker to successfully establish a VPN connection through the GlobalProtect gateway of an affected appliance.…

Continue reading on Rapid7 Blog