Rapid7 has reported that threat actors are actively exploiting a high-severity authentication bypass vulnerability (CVE-2026-0257) in Palo Alto Networks' PAN-OS GlobalProtect portal and gateway just days after it was publicly disclosed. Organizations are urged to patch their systems promptly, as the US cybersecurity agency CISA has added the vulnerability to its Known Exploited Vulnerabilities catalog.
For security teams, the priority is patching the authentication bypass vulnerability CVE-2026-0257 in Palo Alto Networks PAN-OS devices, because threat actors have quickly begun exploiting it in the wild. Rapid7 has shared a proof-of-concept script and indicators of compromise to help identify vulnerable systems, and CISA has required federal agencies to patch the flaw by June 1. Update affected systems immediately to mitigate potential breaches.