The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a significant vulnerability in Palo Alto Networks PAN-OS, tracked as CVE-2026-0257 and carrying a CVSS score of 7.8, to its Known Exploited Vulnerabilities catalog. The vulnerability allows attackers to bypass authentication on the GlobalProtect portal and gateway and establish unauthorized VPN connections without credentials. Rapid7 confirmed active exploitation and identified at least two waves of attacks.
Palo Alto has advised users to upgrade to patched versions of PAN-OS or adjust configurations to mitigate risks. CISA has required federal agencies to address this vulnerability by June 1, 2026, highlighting the need for private organizations to review their security protocols.