Cyber Posture

CVE-2026-0300

Critical · CISA KEV · Active Exploitation

Published: 06 May 2026
Modified: 12 May 2026
KEV Added: 06 May 2026
Patch
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.1443 (94.5th percentile)
Risk Priority: 48 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-0300 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Palo Alto Networks PAN-OS. Its CVSS base score is 9.8 (Critical).

Operationally, its EPSS score places it in the top 5.5% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

Threat & Defense Details

Likely Mitigating Controls [AI]

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-787: Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.

NVD Description

A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail) by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.

Deeper analysis [AI]

Automated synthesis unavailable for this CVE.

Details

CWE(s): CWE-787
KEV Date Added: 06 May 2026

Affected Products

- paloaltonetworks / pan-os: 10.2.0, 10.2.1, 10.2.10, 10.2.11, 10.2.12
- siemens / ruggedcom ape1808 firmware: all versions

CVEs Like This One

- CVE-2025-0108: same product (Palo Alto Networks PAN-OS); both on KEV
- CVE-2024-3400: same product (Palo Alto Networks PAN-OS); both on KEV
- CVE-2025-0111: same product (Palo Alto Networks PAN-OS); both on KEV
- CVE-2026-24858: same product (Siemens RUGGEDCOM APE1808); both on KEV
- CVE-2025-0282: same product class (VPN / SSL gateway); both on KEV
- CVE-2025-7775: same product class (VPN / SSL gateway); both on KEV
- CVE-2025-53844: same product class (VPN / SSL gateway)
- CVE-2025-59718: same product class (VPN / SSL gateway); both on KEV
- CVE-2024-55591: same product class (VPN / SSL gateway); both on KEV
- CVE-2026-3055: same product class (VPN / SSL gateway); both on KEV

References