Critical severity9.1CISA KEVNVD Advisory· Published May 13, 2026· Updated Jun 9, 2026
CVE-2026-0257
CVE-2026-0257
Description
Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection.
Panorama and Cloud NGFW are not impacted by these issues.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- cert-portal.siemens.com/productcert/html/ssa-967325.htmlnvdThird Party Advisory
- security.paloaltonetworks.com/CVE-2026-0257nvdVendor Advisory
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
19- Palo Alto Warns of GlobalProtect VPN Vulnerability Actively Exploited in the WildCyber Security News · Jun 15, 2026
- Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN FlawThe Hacker News · Jun 15, 2026
- Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257Unit 42 · Jun 9, 2026
- Week in review: Cisco SD-WAN 0-day exploited, Patch Tuesday forecastHelp Net Security · Jun 7, 2026
- The Good, the Bad and the Ugly in Cybersecurity – Week 23SentinelOne Labs · Jun 5, 2026
- CISA Flags Palo Alto Networks PAN-OS Vulnerability as Exploited in AttacksCyber Security News · Jun 2, 2026
- Attackers are exploiting Palo Alto Networks defect that initially flew under the radarCyberScoop · Jun 1, 2026
- 1st June – Threat Intelligence ReportCheck Point Research · Jun 1, 2026
- Patch Now: Another Palo Alto Auth Bypass Bug Under Active ExploitDark Reading · Jun 1, 2026
- ⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and MoreThe Hacker News · Jun 1, 2026
- Palo Alto VPN bug graduates from advisory to active exploitationThe Register Security · Jun 1, 2026
- Recent Palo Alto Networks Vulnerability Exploited for WeeksSecurityWeek · Jun 1, 2026
- Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257)Help Net Security · Jun 1, 2026
- Palo Alto Warns High-Severity Bug Is Being Actively ExploitedInfosecurity Magazine · Jun 1, 2026
- Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacksBleepingComputer · May 30, 2026
- PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active ExploitationThe Hacker News · May 30, 2026
- Palo Alto Networks PAN-OS Authentication Vulnerability Bypass Exploited in the WildCyber Security News · May 30, 2026
- Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)Rapid7 Blog · May 29, 2026
- CISA Adds One Known Exploited Vulnerability to CatalogCISA Alerts