> TritonInfoSec News
Home / May 08, 2026 / Story
0
#1 The Hacker News general May 07, 2026 at 13:34 UTC

PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage

By [email protected] (The Hacker News)

AI Summary

Palo Alto Networks confirmed active exploitation of CVE-2026-0300 (CVSS 9.3), a critical buffer overflow in the PAN-OS User-ID Authentication Portal that allows unauthenticated RCE with root-level access. Exploitation attempts were observed as early as April 9, 2026, and the campaign bears hallmarks of Chinese state-sponsored actors. Security teams running affected PAN-OS versions should treat this as an emergency patching priority given the unauthenticated attack vector and active in-the-wild exploitation.

Read full article → https://thehackernews.com/2026/05/pan-os-rce-explo…

Relevance score: 92.0/100

# More from May 08

  1. 2
    Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access The Hacker News
  2. 3
    Canvas Breach Disrupts Schools & Colleges Nationwide Krebs on Security
  3. 4
    Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions The Hacker News
  4. 5
    PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems The Hacker News
  5. 6
    Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants SecurityWeek
  6. 7
    Iranian government hackers using Chaos ransomware as cover, researchers say The Record
  7. 8
    Critical vm2 sandbox bug lets attackers execute code on hosts BleepingComputer
  8. 9
    DAEMON Tools devs confirm breach, release malware-free version BleepingComputer
  9. 10
    New TCLBanker malware self-spreads over WhatsApp and Outlook BleepingComputer