Palo Alto Networks has released the first round of fixes for CVE-2026-0300, a critical buffer overflow in the PAN-OS User-ID Authentication Portal that could let an unauthenticated attacker run arbitrary code with root privileges by sending specially crafted packets. The company says the flaw has been exploited in limited attacks since at least last month, with threat actors dropping payloads such as EarthWorm and ReverseSocks5.
In related security coverage, Anthropic Mythos examined a cURL model and identified a single confirmed vulnerability among five findings, described as low severity, with details to be published in sync with curl’s next release, 8.21.0, in late June. The discussion emphasises that the remaining findings flagged by Mythos were false positives.
Overall, the bulletin underscores ongoing risk from high-severity bugs in widely used infrastructure and the need for prompt patching and verification of purported security signals.