PAN-OS Flaw CVE-2026-0300 Exposes Firewalls to Remote Code Execution

ID: f977e13b-b965-5208-b92d-4fca2e478d56

STIX ID: report--f977e13b-b965-5208-b92d-4fca2e478d56

Feed Name: The Cyber Express

Threat Score: 90/100

Date Published: 2026-05-06

Date Updated: 2026-05-06

Author: Ashish Khaitan

A critical buffer overflow (CVE-2026-0300, CVSS 9.3) in the PAN-OS User-ID Authentication (Captive Portal) enables unauthenticated remote code execution with root privileges and has been observed in limited active exploitation. The report enumerates impacted PAN-OS versions, scheduled patches (mid–late May 2026), and mitigation steps, including restricting or disabling the portal and limiting access to trusted IPs.
