AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

🔥 This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)

CVE-2026-0257: Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

infovulnerability🔥 Actively Exploited

security

Source: CISA Known Exploited VulnerabilitiesMay 28, 2026CVE-2026-0257

Summary

Palo Alto Networks PAN-OS has an authentication bypass vulnerability (a flaw that lets attackers skip security checks) that allows attackers to create unauthorized VPN (virtual private network, a secure tunnel for remote access) connections without proper credentials. This vulnerability is currently being actively exploited by attackers in real-world attacks.

Solution / Mitigation

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Mitigation details are available at https://security.paloaltonetworks.com/CVE-2026-0257.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.1%

Patch Available

Yes

Exploit Maturity

🔥 Actively Exploited

Disclosure Date

May 28, 2026

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-565

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-0257

First tracked: May 29, 2026 at 08:00 PM

Classified by LLM (prompt v3) · confidence: 95%