www.securityweek.com 6/1/2026, 10:18:34 AM · external

Palo Alto PANOS flaw exploited days after patch release

CyberSIXT Evidence Panel

Primary Source

security.paloaltonetworks.com

CVE Intel

CVE-2026-0257 - NVD CISA KEV due 2026-06-01 7.8 HIGH

CISA KEV Listed in KEV

Patch Patch Available

THREAT actors are actively targeting a high-severity authentication bypass vulnerability (CVE-2026-0257) in Palo Alto Networks' PAN-OS just four days after its public disclosure. The vulnerability allows attackers to bypass VPN restrictions, and Palo Alto released patches on May 13. As of May 17, exploit attempts have been observed. The U.S. CISA has added this CVE to its Known Exploited Vulnerabilities catalog, urging immediate patching.

Rapid7 indicated that attackers exploited flaws starting May 17 and provided a proof-of-concept script to help organizations identify vulnerabilities. Users are advised to update to patched versions of PAN-OS.

View Primary Source Via www.securityweek.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline

#8 Jun 1, 2026, 02:35 PM

darkreading.com
CVE-2026-0257 flaw lets hackers bypass Palo Alto VPN auth
#7 Jun 1, 2026, 10:00 AM Current article

www.securityweek.com
Palo Alto PANOS flaw exploited days after patch release
#6 Jun 1, 2026, 08:36 AM

securityaffairs.com
CISA flags PAN-OS flaw CVE-2026-0257 as attackers bypass VPN auth
#5 Jun 1, 2026, 08:30 AM

infosecurity-magazine.com
Attackers Exploit CVE-2026-0257 in Palo Alto GlobalProtect VPN
#4 Jun 1, 2026, 01:00 AM

securityonline.info
Critical FreeBSD Kernel Buffer Overflow Disclosed: Public Details & PoC Out
#3 May 31, 2026, 05:52 PM

securityaffairs.com
CVE-2026-0257 flaw lets attackers hijack Palo Alto VPN logins
#2 May 30, 2026, 06:41 AM

thehackernews.com
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
#1 May 30, 2026, 01:34 AM

securityonline.info
Critical PANOS Flaw Lets Attackers Bypass Authentication