Skip to content
The Nexus
DossierENTITY

CVE-2026-0300

Coverage of CVE-2026-0300 in the Nexus archive.

Earliest in view: May 6 · 06:14 UTCMost recent: Jun 1 · 12:15 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 1 · 12:15 UTCTHE REGISTER
    Palo Alto VPN bug graduates from advisory to active exploitation

    Palo Alto Networks disclosed a critical security flaw, CVE-2026-0257, in PAN-OS GlobalProtect that allows attackers to bypass authentication and gain unauthorized VPN access. Researchers at Rapid7 confirmed active exploitation since May 17, prompting Palo Alto to elevate the severity rating and CISA to add it to its exploited vulnerabilities catalog with a June 1 patch deadline.

  • SECURITYMay 7 · 13:53 UTCTHE REGISTER
    State-backed hackers hammer Palo Alto firewall zero-day before patch lands

    State-backed hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls, tracked as CVE-2026-0300, to gain root access without login required. The flaw affects the Captive Portal feature in PAN-OS on PA-Series and VM-Series firewalls. Attacks are already underway, tied to a cluster of likely state-sponsored threat activity tracked as CL-STA-1132.

  • SECURITYMay 7 · 13:34 UTCTHE HACKER NEWS
    PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage

    Palo Alto Networks disclosed a critical security flaw in their PAN-OS software, which could allow an unauthenticated attacker to exploit a buffer overflow vulnerability. The vulnerability, CVE-2026-0300, has a CVSS score of 9.3/8.7 and may have been attempted to be exploited as early as April 9, 2026. Threat actors may use this flaw for root access and espionage.

  • SECURITYMay 6 · 20:33 UTCRECORDED FUTURE NEWS
    Palo Alto warns of critical software bug used in firewall attacks

    Palo Alto Networks has identified a critical software bug used in firewall attacks, tracked as CVE-2026-0300. A patch for the bug is not yet available but will be included in releases over the next two weeks. The vulnerability poses a significant risk to users until the patch is published.

  • SECURITYMay 6 · 06:14 UTCTHE HACKER NEWS
    Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

    Palo Alto Networks' PAN-OS software has a critical buffer overflow vulnerability that allows unauthenticated remote code execution, tracked as CVE-2026-0300, with a CVSS score of 9.3. The flaw is under active exploitation and enables access from the internet if the User-ID Authentication Portal is configured accordingly. This poses a significant security risk to affected systems.

CVE-2026-0300 · Dossier · The Nexus