
Volume 338, Issue 2 · IT Vendor News · Rapid7

CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS

Rapid7, Thursday, May 14th, 2026

Critical authentication bypass vulnerability in Palo Alto Networks PAN-OS affects firewalls and Panorama appliances with Cloud Authentication Service enabled.

Palo Alto Networks disclosed CVE-2026-0265, a signature verification vulnerability with a CVSS score of 7.2 that allows remote unauthenticated attackers to bypass authentication on PAN-OS systems when Cloud Authentication Service (CAS) is enabled. The vulnerability affects PA-Series and VM-Series firewalls as well as Panorama appliances, but not Cloud NGFW or Prisma Access.

Security researcher Harsh Jaiswal disputed the vendor's severity rating, claiming successful exploitation on multiple organizations' GlobalProtect portals, with full technical details planned for disclosure the week of May 18. Patches are partially available as of May 13, with additional patches expected by May 28, and organizations running affected systems are advised to upgrade on an emergency basis.
