Actively exploited in the wild
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Palo Alto Networks — PAN-OS · Listed in the CISA KEV since 2026-05-29. This indicates confirmed attacks in production environments.
Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
CVE-2026-0257
Critical · CVSS 9.1 · KEV
Exploitation Probability (EPSS): Very high risk, 98th percentile (higher than 98% of all known CVEs)
Summary
CVE-2026-0257 describes authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software, allowing an attacker to bypass security restrictions and establish an unauthorized VPN connection.
Risk Assessment
The organization may be exposed to unauthorized network access, potentially leading to data breaches or other serious security incidents.
Recommendation
Update PAN-OS® software to the latest version to patch these vulnerabilities.
Original NVD description (English source)
Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allow the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues.

