ctipilot.ch · Switzerland · Europe · Public sector

Palo Alto PAN-OS Captive Portal — unauthenticated root RCE (CVSS 9.3, ITW, KEV deadline 2026-05-09)

cve · CVE-2026-0300

Story timeline

  1. 2026-05-08 · CTI Daily Brief — 2026-05-08
    updates · UPDATE: CISA KEV deadline is today (2026-05-09). No patch until 2026-05-13. Mitigation (disable Captive Portal or restrict to internal IPs) must be confirmed applied; treat as P0.
  2. 2026-05-07 · CTI Daily Brief — 2026-05-07
    active_vulns · First coverage. Critical unauthenticated RCE in PAN-OS Captive Portal; CERT-EU Critical Advisory 2026-006; CISA KEV deadline 2026-05-09; exploitation since 2026-04-09 by CL-STA-1132 (likely state-sponsored); no patch until 2026-05-13. Deep dive § 5.