PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage

Thursday, May 7, 2026 at 01:34 PM UTC·Source: The Hacker News

Updated: Thursday, May 7, 2026 at 02:00 PM UTC

Executive Summary

Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026. The vulnerability in question is CVE-2026-0300 (CVSS score: 9.3/8.7), a buffer overflow vulnerability in the User-ID Authentication Portal service of Palo Alto Networks PAN-OS software that could allow an unauthenticated attacker

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-0300

NVD MITRE CVE

Source Attribution

Originally published by The Hacker News on May 7, 2026.

Related Threats

MEDIUMApt

Why we use CAPTCHAs, (Mon, May 11th)

A few months ago, I implemented Cloudflare&&#x23;x26;&#x23;39;s Turnstile CAPTCHA on some pages. The reason for implementing these CAPTCHAs is obvious: Bots make up a large percentage of traffic and affect site performance.

4h agoSANS ISC

LOWApt

Final Countdown: Last Chance to Join the Rapid7 Global Cybersecurity Summit

The Rapid7 2026 Global Cybersecurity Summit is just around the corner, and with it, a final opportunity to join the conversations shaping how security teams are adapting to a rapidly changing landscape. Over the past few weeks, we’ve shared a preview of what to expect, from the sessions and speakers to the themes running across the agenda. What has become increasingly clear is how closely these to

6h agoRapid7

MEDIUMApt

OMS embeds Twenty7tec Adapt to keep track of panel product changes

One Mortgage System (OMS), the CRM and loan origination platform for intermediaries and lenders, has announced that Twenty7tec’s ADAPT solution is now fully integrated into its platform, with the functionality live and available to users immediately.

9h agoFinextra