Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)
Author: Rapid7 Published: May 29, 2026 (last updated June 3, 2026) Source: https://www.rapid7.com/blog/post/etr-rapid7-observed-exploitation-of-pan-os-globalprotect-authentication-bypass-vulnerability-cve-2026-0257/ Summary Rapid7 reports active in-the-wild exploitation of CVE-2026-0257, an authentication bypass in the Palo Alto Networks PAN-OS GlobalProtect portal/gateway. The flaw stems from improper certificate handling in the authentication override feature: when the certificate used to encrypt authentication-override cookies is reused for … Read more