{"uuid": "866a287e-7744-43d2-b73d-d05c4012b8d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0257", "type": "seen", "source": "https://bsky.app/profile/diesec.bsky.social/post/3mncgve2j4o2n", "content": "CVE-2026-0257: Palo Alto GlobalProtect auth bypass \u2014 no credentials needed. Attacker forges auth cookie via exposed HTTPS cert public key \u2192 full VPN access. Active exploitation since May 17. CISA KEV deadline was June 1. \n\nPatch PAN-OS now.\n\n#CyberSecurity #PaloAlto", "creation_timestamp": "2026-06-02T11:00:07.317075Z"}