Reports
AI-generated structured vendor updates
Palo Alto Networks
Other
2026-07-12
Palo Alto Networks PAN-OS Vulnerabilities: Buffer Overflow and Active Exploitation
Palo Alto Networks disclosed 13 PAN-OS vulnerabilities, with the most critical being CVE-2026-0288 (CVSS 9.2), a buffer overflow in User-ID TSA allowing unauthenticated RCE. CVE-2026-0257, an authentication bypass in GlobalProtect, is actively exploited in the wild.
Palo Alto Networks
Other
2026-07-02
Active Exploitation of CVE-2026-0257: GlobalProtect VPN Authentication Bypass Threatens Enterprise Networks
Palo Alto Networks confirms active exploitation of CVE-2026-0257 in GlobalProtect VPN. Attackers exploit shared certificates between HTTPS and authentication override to forge cookies, impersonating admins. CISA added to KEV. Urgent upgrade or dedicated cookie encryption certificate recommended.