Critical Buffer Overflow Vulnerability in PAN-OS Exploited in-the-Wild

**Executive summary:** A critical unauthenticated remote code execution vulnerability (CVE-2026-0300) in the PAN-OS User-ID Authentication Portal (ports 6081/6082) enables attackers to achieve root code execution; Palo Alto reports a CVSS of 9.3 and limited in-the-wild exploitation, multiple PAN-OS branches/versions are affected, and recommended mitigations include immediate patching, restricting or disabling the portal, and avoiding Internet exposure.