CISA Adds Palo Alto PAN OS Auth Bypass CVE-2026-0257 to KEV List

ON May 29, 2026, CISA added one new vulnerability, CVE-2026-0257, to its Known Exploited Vulnerabilities (KEV) Catalog. This vulnerability pertains to Palo Alto Networks' PAN-OS Authentication Bypass and represents a significant risk of active exploitation, particularly for federal networks. CISA emphasizes the importance of mitigating risks by adhering to the Binding Operational Directive (BOD) 22-01, which mandates remediation of identified vulnerabilities by Federal Civilian Executive Branch agencies. CISA encourages all organizations to prioritize the remediation of KEV vulnerabilities to enhance their cybersecurity posture.