Critical PAN-OS Flaw Under Active Exploitation Enabling Root RCE

May 6, 2026 at 09:50 AM

•

1 min read

Critical PAN-OS Flaw Under Active Exploitation Enabling Root RCE — Photo: The Hacker News

TL;DR Summary

Palo Alto Networks warns of a critical buffer‑overflow flaw in PAN-OS User-ID Authentication Portal (CVE-2026-0300) that allows unauthenticated remote code execution with root privileges on PA-Series and VM-Series firewalls; the bug is under active exploitation, with a CVSS of up to 9.3 when the portal is internet‑exposed and 8.7 otherwise, and PAN-OS 12.1 is listed as affected.

Topics:technology #cve-2026-0300 #palo-alto-networks #pan-os #remote-code-execution #security #vulnerability

Share this article

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution The Hacker News
Critical Palo Alto Firewalls Vulnerability Exploited in the Wild to Gain Root Access CyberSecurityNews

Reading Insights

Total Reads

Unique Readers

Time Saved

4 min

vs 4 min read

Condensed

93%

764 → 57 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights