Palo Alto Warns of Active PAN-OS VPN Flaw Exploitation

Palo Alto Networks confirmed active exploitation of CVE-2026-0257, an authentication bypass flaw in PAN-OS GlobalProtect portals. The vulnerability (CVSS 7.8) allows unauthorized VPN access. Initial activity was observed on May 17, 2026, with limited attacks. CISA added the flaw to its KEV catalog, ordering federal agencies to patch by June 1, 2026.