COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-0300

CVE-2026-0300

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-05-06
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-0300
⚡ RCE ⌖ exploited in the wild shame 85/100 rceexploited-in-wildransomwaresupply-chaindata-breachdefault-creds

Palo Alto Networks PAN-OS allows unauthenticated attackers to execute arbitrary root code via an out-of-bounds write in the User-ID Authentication Portal.

This critical vulnerability enables remote code execution with root privileges on firewalls without authentication, directly threatening DIB network perimeters and violating NIST 800-171 confidentiality and integrity controls. Organizations must immediately patch PAN-OS to prevent unauthorized access to sensitive systems.

Shame score — A critical RCE vulnerability in a widely deployed firewall product that allows unauthenticated attackers to gain root access represents a severe security failure.

Players implicated

Palo Alto Networks, Inc. · vendorPAN-OS · product

Description

Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.

Affected FedRAMP products 2 in the catalog

ProductProviderStatusMatch
GCS-HIGH Palo Alto Networks, Inc. Ready vendor-exact · 0.90
Palo Alto Networks Government Cloud Services Palo Alto Networks, Inc. Authorized vendor-exact · 0.90