Palo Alto Warns High-Severity Bug Is Being Actively Exploited

A high-severity authentication-bypass vulnerability (CVE-2026-0257, CVSS 7.8) in Palo Alto Networks PAN-OS GlobalProtect has been actively exploited in multiple waves, enabling attackers to forge authentication cookies and, in some cases, obtain VPN IP assignment and internal network access; Rapid7 and Palo Alto urge immediate patching or mitigations, and CISA added the CVE to its KEV catalog with a mandated patch deadline.