Palo Alto Networks Warns of Critical PAN-OS Vulnerability Being Actively Exploited

Palo Alto Networks issued an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software, tracked as CVE-2026-0300, is being actively exploited in the wild. The flaw enables unauthenticated remote code execution and holds a CVSS score of 9.3 when the User-ID Authentication Portal is configured to allow internet access. No specific attack vectors, threat actors, or affected PAN-OS versions were disclosed in the advisory. The vulnerability’s exploitation status confirms real-world impact, though the scope of compromised systems remains unconfirmed. The notice did not include patch release dates or mitigation steps beyond the advisory.