CVE-2026-0300

CISA Flags Palo Alto PAN-OS Zero-Day as Actively Exploited, Orders Federal Fixes by May 9

The bug in the User-ID Authentication Portal lets remote attackers run code as root on PA- and VM-Series firewalls.