A critical vulnerability (CVE-2026-0300) affecting Palo Alto Networks firewalls is being actively exploited by attackers, the security company acknowledged today, and urged customers to implement mitigations as they are still working on fixes. About CVE-2026-0300 CVE-2026-0300 is a buffer overflow vulnerability in the User-ID Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software. The portal enables user identification for unknown traffic, i.e., situations where the firewall cannot automatically map an IP address … More →
The post Root-level RCE vulnerability in Palo Alto firewalls exploited (CVE-2026-0300) appeared first on Help Net Security.