Vulnerability intelligence
CVE-2026-0257
Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues.
CVSS Score
7.8
High
EPSS — Exploit Probability
59%
Riskier than 98% of all CVEs
Exploitation
Confirmed in the wild
KEV since 2026-05-29
Remediation
Patch available
Federal deadline 2026-06-01
16 articles across 10 outlets · first covered May 29, 2026 · latest Jun 5, 2026
Tracked incidents
Coverage timeline
-
Attackers Exploit PANOS Flaw to Bypass GlobalProtect VPNunit42.paloaltonetworks.com · Jun 5, 2026
-
CVE-2026-0257 flaw lets hackers bypass Palo Alto VPN authwww.darkreading.com · Jun 1, 2026
-
CVE-2026-0257 Cache Warmer RCE Bug Hitssecurityonline.info · Jun 1, 2026
-
Palo Alto PANOS flaw exploited days after patch releasewww.securityweek.com · Jun 1, 2026
-
CISA flags PAN-OS flaw CVE-2026-0257 as attackers bypass VPN authsecurityaffairs.com · Jun 1, 2026
-
Attackers Exploit CVE-2026-0257 in Palo Alto GlobalProtect VPNwww.infosecurity-magazine.com · Jun 1, 2026
-
Critical FreeBSD Kernel Buffer Overflow Disclosed: Public Details & PoC Outsecurityonline.info · Jun 1, 2026
-
Critical Langroid Vulnerability Allows RCE via Prompt Injectionsecurityonline.info · Jun 1, 2026
-
CVE-2026-0257 flaw lets attackers hijack Palo Alto VPN loginssecurityaffairs.com · May 31, 2026
-
CVE-2026-0257 flaw in MCP Toolbox allows site based session hijacksecurityonline.info · May 31, 2026
-
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitationthehackernews.com · May 30, 2026
-
Critical PANOS Flaw Lets Attackers Bypass Authenticationsecurityonline.info · May 30, 2026
-
CISA KEV Catalog flags Palo Alto PAN-OS auth bypass flawwww.cisa.gov · May 29, 2026
-
CISA Adds Palo Alto PAN OS Auth Bypass CVE-2026-0257 to KEV Listwww.cisa.gov · May 29, 2026
-
CISA Flags Palo Alto PAN OS Auth Bypass After Active Exploitationcisa.gov · May 29, 2026
-
Rapid7 flags active CVE-2026-0257 exploits in PAN-OS GlobalProtectwww.rapid7.com · May 29, 2026