Critical Buffer Overflow Vulnerability in Palo Alto Networks PAN-OS Software

The Exploit: Penetration Testing Insights From The Frontlines
Posted on May 13, 2026

Written by Andrew Trexler

Earlier this month a new vulnerability, CVE-2026-0300, was discovered in Palo Alto’s Authentication Portal. This vulnerability could allow an unauthenticated attacker to execute arbitrary code as the root user. 

If the authentication portal is only exposed to internal and trusted networks, the risk is reduced; however, any authentication portal exposed to the wider internet could allow an attacker to gain root access to the device.

Per Palo Alto, this issue affects PA-Series and VM-Series firewalls with the User-ID Authentication Portal. Limited exploitation has been reported.

What to Do Now

Palo Alto Networks plans to fix the issue in upcoming releases of PAN-OS. They provide instructions to secure access to the User-ID Authentication Portal in the Workaround and Mitigations section of their security advisory and strongly recommend that all affected organizations implement them immediately. 

Andrew Trexler

Andrew graduated from the University of Pittsburgh with a degree in Information Science where he focused on networking and security. He continued his education by obtaining the Offensive Security Certified Professional (OSCP) and the eLearnSecurity Junior Penetration Tester (eJPT) certifications. When not participating in capture the flag events, Andrew works as a pyrotechnic operator setting up and shooting firework shows in the Pittsburgh area.
