Threat Intelligence / CVE / CVE-2026-0257

CVE-2026-0257

CISA KEVRansomware

CVSS 7.8 · EPSS 0.1% · Published 2026-05-13

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues.

Weaknesses (CWE)

CWE-565

Threats tracking this CVE

Palo Alto Networks PAN-OS / Prisma Access GlobalProtect Authentication Bypass (CVE-2026-0257) — Active Exploitation, CISA KEV — CRITICAL

References

https://security.paloaltonetworks.com/CVE-2026-0257

Full detection coverage & IOCs for threats exploiting CVE-2026-0257 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence