On May 6, 2026, the French CERT released a bulletin about a vulnerability in Palo Alto Networks User‑ID Authentication Portal (CVE‑2026‑0300). The flaw allows an attacker to trigger remote arbitrary code execution on affected PAN‑OS systems. Palo Alto Networks confirmed that CVE‑2026‑0300 is being actively exploited. Affected versions include all PAN‑OS 10.2.x, 10.2.7.x, 11.1.x, 11.2.x, 12.1.x releases prior to the specified hotfixes, as detailed in the bulletin. The vendor will issue patches on May 13 and May 28, 2026. Users are advised to consult the vendor’s security bulletin for the latest fixes and to apply the updates as soon as possible.
Summary of content from
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.