Sale of a 1‑day exploit for vulnerability CVE-2026-0257

🌐 Dark Web2026-06-01, 15:22
For informational purposes only
CVE-2026-0257 is an authentication bypass vulnerability in the GlobalProtect portal and gateway of Palo Alto Networks PAN‑OS. Trusting cookies without verifying their integrity allows a remote unauthenticated attacker to forge authentication‑override cookies, bypass security restrictions, and establish an unauthorized VPN connection.
Vulnerability type: Authentication Bypass Affected software versions: • PAN‑OS 12.1, 11.2, 11.1, 10.2 • Prisma Access 11.2.0 and 10.2.0 Price: 2 BTC (~$143K)
Vulnerabilities
9.1
CVE-2026-0257
Vendors
Palo Alto Networks
Products
Globalprotect Gateway
Globalprotect Portal
Pan‑Os
Prisma Access
Published
2026-06-01, 15:22