CVE-2026-0257
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues.
CVSS Vector Breakdown
AV:NAttack VectorAC:LAttack ComplexityPR:NPrivileges RequiredUI:NUser InteractionS:UScopeC:HConfidentialityI:HIntegrityA:NAvailabilityWeaknesses
Affected Products
Exploitability
Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Exploit details including PoC links, Metasploit modules, and scanner templates are available after registration.
View exploit detailsNuclei Scanner Templates
1 Nuclei template available for automated vulnerability detection.
- Ready-to-use scanner templates
- Verified detection rules
- Direct integration with Nuclei
References
Timeline
- Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flawen·The Hacker News· Summary only·
- Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257en-us·Palo Alto Unit 42·
- 1st June – Threat Intelligence Reporten-us·Check Point Research·
- Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploiten·Dark Reading· Source-only·
- ⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and Moreen·The Hacker News· Summary only·
- PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitationen·The Hacker News· Summary only·
- Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)en·Rapid7 Blog·
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2026-0257 and every CVE in our database. Create a free account — no credit card required.
Create Free Account