CVE-2026-0257: PAN-OS GlobalProtect Actively Exploited
🟠 High | Source: The Hacker News Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, an authentication bypass vulnerability (CVSS 7.8) affecting the GlobalProtect portal and gateway components of PAN-OS. An unknown threat actor is leveraging the flaw to gain unauthorised access to GlobalProtect VPN portals. This is particularly concerning as GlobalProtect is widely deployed as a primary remote access solution across enterprise environments. Security Architect’s Take: Prioritise patching PAN-OS to the fixed version immediately, and in the interim restrict access to the GlobalProtect portal to trusted IP ranges or enable Threat Prevention profiles to block known exploit signatures if a Threat Prevention licence is in place. ...