Tag: authentication bypass (2 articles)

Palo Alto's GlobalProtect Flaw Was Being Actively Exploited Within Days of Disclosure

A high-severity authentication bypass vulnerability (CVE-2026-0257) in Palo Alto Networks' PAN-OS GlobalProtect portal and gateway was patched on May 13, but threat actors began actively exploiting it just four days after public disclosure. Rapid7 observed multiple waves of attacks across customer environments, with attackers using forged cookies to bypass authentication and, in some cases, gain access to internal networks via VPN. CISA has added the flaw to its Known Exploited Vulnerabilities catalog and is urging federal agencies to apply the available patches by June 1.

1 Jun 2026

Cisco's Latest Perfect 10: Secure Workload Flaw Hands Attackers Admin Privileges for Free

Cisco has disclosed a maximum severity (CVSS 10.0) vulnerability, CVE-2026-20223, in its Secure Workload platform, which allows unauthenticated attackers to gain Site Admin privileges by sending crafted API requests to poorly validated internal REST API endpoints. A successful exploit could enable attackers to read sensitive data and make configuration changes across tenant boundaries, affecting both SaaS and on-premises deployments. Cisco says no workarounds exist, fixed versions have been released, and cloud-hosted deployments have already been patched, though the flaw marks another in a growing string of perfect-10 vulnerabilities from the networking giant.

27 May 2026