CVE-2026-0257

Warning

Media report

EPSS 58.79%
Published 13.05.2026 18:15:10
Last modified 09.06.2026 12:47:03
Source psirt@paloaltonetworks.com
CVE watchlists
Login
Open
Login

PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection.

Panorama and Cloud NGFW are not impacted by these issues.

Affected products Warnungen 1 Metrics 3 CWE 1 References 10

NVD 162 VulnDex Vulnerability Enrichment 2

Data is provided by the National Vulnerability Database (NVD)

Paloaltonetworks ≫ Pan-os Version < 10.2.7

Paloaltonetworks ≫ Pan-os Version10.2.7 Update-

Paloaltonetworks ≫ Pan-os Version10.2.7 Updateh1

Paloaltonetworks ≫ Pan-os Version10.2.7 Updateh12

Paloaltonetworks ≫ Pan-os Version10.2.7 Updateh16

Paloaltonetworks ≫ Pan-os Version10.2.7 Updateh18

Paloaltonetworks ≫ Pan-os Version10.2.7 Updateh19

Paloaltonetworks ≫ Pan-os Version10.2.7 Updateh21

Paloaltonetworks ≫ Pan-os Version10.2.7 Updateh24

Paloaltonetworks ≫ Pan-os Version10.2.7 Updateh3

Paloaltonetworks ≫ Pan-os Version10.2.7 Updateh32

Paloaltonetworks ≫ Pan-os Version10.2.7 Updateh6

Paloaltonetworks ≫ Pan-os Version10.2.7 Updateh8

Paloaltonetworks ≫ Pan-os Version10.2.8

Paloaltonetworks ≫ Pan-os Version10.2.9

Paloaltonetworks ≫ Pan-os Version10.2.10 Update-

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh10

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh12

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh14

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh17

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh18

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh2

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh21

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh27

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh3

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh30

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh31

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh4

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh5

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh7

Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh9

Paloaltonetworks ≫ Pan-os Version10.2.11

Paloaltonetworks ≫ Pan-os Version10.2.12

Paloaltonetworks ≫ Pan-os Version10.2.13 Update-

Paloaltonetworks ≫ Pan-os Version10.2.13 Updateh1

Paloaltonetworks ≫ Pan-os Version10.2.13 Updateh10

Paloaltonetworks ≫ Pan-os Version10.2.13 Updateh16

Paloaltonetworks ≫ Pan-os Version10.2.13 Updateh18

Paloaltonetworks ≫ Pan-os Version10.2.13 Updateh2

Paloaltonetworks ≫ Pan-os Version10.2.13 Updateh3

Paloaltonetworks ≫ Pan-os Version10.2.13 Updateh4

Paloaltonetworks ≫ Pan-os Version10.2.13 Updateh5

Paloaltonetworks ≫ Pan-os Version10.2.13 Updateh7

Paloaltonetworks ≫ Pan-os Version10.2.14

Paloaltonetworks ≫ Pan-os Version10.2.15

Paloaltonetworks ≫ Pan-os Version10.2.16 Update-

Paloaltonetworks ≫ Pan-os Version10.2.16 Updateh1

Paloaltonetworks ≫ Pan-os Version10.2.16 Updateh4

Paloaltonetworks ≫ Pan-os Version10.2.16 Updateh6

Paloaltonetworks ≫ Pan-os Version10.2.17

Paloaltonetworks ≫ Pan-os Version10.2.18 Update-

Paloaltonetworks ≫ Pan-os Version10.2.18 Updateh1

Paloaltonetworks ≫ Pan-os Version10.2.18 Updateh5

Paloaltonetworks ≫ Pan-os Version11.1.0

Paloaltonetworks ≫ Pan-os Version11.1.1

Paloaltonetworks ≫ Pan-os Version11.1.2

Paloaltonetworks ≫ Pan-os Version11.1.3

Paloaltonetworks ≫ Pan-os Version11.1.4 Update-

Paloaltonetworks ≫ Pan-os Version11.1.4 Updateh1

Paloaltonetworks ≫ Pan-os Version11.1.4 Updateh13

Paloaltonetworks ≫ Pan-os Version11.1.4 Updateh15

Paloaltonetworks ≫ Pan-os Version11.1.4 Updateh16

Paloaltonetworks ≫ Pan-os Version11.1.4 Updateh17

Paloaltonetworks ≫ Pan-os Version11.1.4 Updateh18

Paloaltonetworks ≫ Pan-os Version11.1.4 Updateh25

Paloaltonetworks ≫ Pan-os Version11.1.4 Updateh27

Paloaltonetworks ≫ Pan-os Version11.1.4 Updateh32

Paloaltonetworks ≫ Pan-os Version11.1.4 Updateh4

Paloaltonetworks ≫ Pan-os Version11.1.4 Updateh7

Paloaltonetworks ≫ Pan-os Version11.1.4 Updateh9

Paloaltonetworks ≫ Pan-os Version11.1.5

Paloaltonetworks ≫ Pan-os Version11.1.6 Update-

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh1

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh10

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh14

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh17

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh19

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh2

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh20

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh21

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh22

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh23

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh25

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh29

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh3

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh4

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh5

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh6

Paloaltonetworks ≫ Pan-os Version11.1.6 Updateh7

Paloaltonetworks ≫ Pan-os Version11.1.7 Update-

Paloaltonetworks ≫ Pan-os Version11.1.7 Updateh1

Paloaltonetworks ≫ Pan-os Version11.1.7 Updateh2

Paloaltonetworks ≫ Pan-os Version11.1.7 Updateh4

Paloaltonetworks ≫ Pan-os Version11.1.8

Paloaltonetworks ≫ Pan-os Version11.1.9

Paloaltonetworks ≫ Pan-os Version11.1.10 Update-

Paloaltonetworks ≫ Pan-os Version11.1.10 Updateh1

Paloaltonetworks ≫ Pan-os Version11.1.10 Updateh10

Paloaltonetworks ≫ Pan-os Version11.1.10 Updateh12

Paloaltonetworks ≫ Pan-os Version11.1.10 Updateh21

Paloaltonetworks ≫ Pan-os Version11.1.10 Updateh4

Paloaltonetworks ≫ Pan-os Version11.1.10 Updateh5

Paloaltonetworks ≫ Pan-os Version11.1.10 Updateh7

Paloaltonetworks ≫ Pan-os Version11.1.10 Updateh9

Paloaltonetworks ≫ Pan-os Version11.1.11

Paloaltonetworks ≫ Pan-os Version11.1.12

Paloaltonetworks ≫ Pan-os Version11.1.13 Update-

Paloaltonetworks ≫ Pan-os Version11.1.13 Updateh1

Paloaltonetworks ≫ Pan-os Version11.1.13 Updateh2

Paloaltonetworks ≫ Pan-os Version11.1.13 Updateh3

Paloaltonetworks ≫ Pan-os Version11.1.14 Update-

Paloaltonetworks ≫ Pan-os Version11.2.0

Paloaltonetworks ≫ Pan-os Version11.2.1

Paloaltonetworks ≫ Pan-os Version11.2.2

Paloaltonetworks ≫ Pan-os Version11.2.3

Paloaltonetworks ≫ Pan-os Version11.2.4 Update-

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh1

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh10

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh11

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh12

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh14

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh15

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh2

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh4

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh5

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh6

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh7

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh8

Paloaltonetworks ≫ Pan-os Version11.2.4 Updateh9

Paloaltonetworks ≫ Pan-os Version11.2.5

Paloaltonetworks ≫ Pan-os Version11.2.6

Paloaltonetworks ≫ Pan-os Version11.2.7 Update-

Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh1

Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh10

Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh11

Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh12

Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh13

Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh2

Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh3

Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh4

Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh7

Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh8

Paloaltonetworks ≫ Pan-os Version11.2.8

Paloaltonetworks ≫ Pan-os Version11.2.9

Paloaltonetworks ≫ Pan-os Version11.2.10 Update-

Paloaltonetworks ≫ Pan-os Version11.2.10 Updateh1

Paloaltonetworks ≫ Pan-os Version11.2.10 Updateh2

Paloaltonetworks ≫ Pan-os Version11.2.10 Updateh3

Paloaltonetworks ≫ Pan-os Version11.2.10 Updateh4

Paloaltonetworks ≫ Pan-os Version11.2.10 Updateh5

Paloaltonetworks ≫ Pan-os Version11.2.10 Updateh6

Paloaltonetworks ≫ Pan-os Version11.2.11 Update-

Paloaltonetworks ≫ Pan-os Version12.1.2

Paloaltonetworks ≫ Pan-os Version12.1.3

Paloaltonetworks ≫ Pan-os Version12.1.4 Update-

Paloaltonetworks ≫ Pan-os Version12.1.4 Updateh2

Paloaltonetworks ≫ Pan-os Version12.1.4 Updateh3

Paloaltonetworks ≫ Pan-os Version12.1.4 Updateh5

Paloaltonetworks ≫ Pan-os Version12.1.5

Paloaltonetworks ≫ Pan-os Version12.1.6

Paloaltonetworks ≫ Prisma Access Version-

   Paloaltonetworks ≫ Pan-os Version >= 10.2.0 < 10.2.10
   Paloaltonetworks ≫ Pan-os Version >= 11.2.0 < 11.2.7
   Paloaltonetworks ≫ Pan-os Version10.2.10 Update-
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh10
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh12
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh14
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh17
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh18
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh2
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh21
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh27
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh3
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh30
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh31
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh4
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh5
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh7
   Paloaltonetworks ≫ Pan-os Version10.2.10 Updateh9
   Paloaltonetworks ≫ Pan-os Version11.2.7 Update-
   Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh1
   Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh10
   Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh11
   Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh12
   Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh2
   Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh3
   Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh4
   Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh7
   Paloaltonetworks ≫ Pan-os Version11.2.7 Updateh8

Siemens ≫ Ruggedcom Ape1808 Firmware Version-

Siemens ≫ Ruggedcom Ape1808 Version-

VulnDex Vulnerability Enrichment

This information is available to logged-in users.

29.05.2026: CISA Known Exploited Vulnerabilities (KEV) Catalog

Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

Vulnerability

Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security restrictions and establish an unauthorized VPN connection.

Description

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Required actions

EPSS Metrics
Type	Source	Score	percentile
EPSS	FIRST.org	58.79%	0.983

CVSS Metrics
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
psirt@paloaltonetworks.com	7.8	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:N/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Red

CWE-565 Reliance on Cookies without Validation and Integrity Checking

The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.

Für Zugriff zu Vulnerablity Intelligence ist ein VulnDex Zugang erforderlich.

Media Report

05.06.2026 12:48

Für Zugriff zu Vulnerablity Intelligence ist ein VulnDex Zugang erforderlich.

Media Report

05.06.2026 12:47

Für Zugriff zu Vulnerablity Intelligence ist ein VulnDex Zugang erforderlich.

Media Report

05.06.2026 12:47

Für Zugriff zu Vulnerablity Intelligence ist ein VulnDex Zugang erforderlich.

Media Report

05.06.2026 12:47

https://cert-portal.siemens.com/productcert/html/ssa-967325.html

Third Party Advisory

https://security.paloaltonetworks.com/CVE-2026-0257

Vendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0257

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2026-0257

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-0257

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-0257

EUVD

Team-oriented vulnerability management platformTeam-oriented vulnerability management

Platform features

CVE-2026-0257

29.05.2026: CISA Known Exploited Vulnerabilities (KEV) Catalog