Palo Alto Networks has warned that a recently patched authentication bypass in PAN-OS GlobalProtect, tracked as CVE-2026-0257, is now being actively exploited in the wild. The vulnerability allows attackers to bypass authentication controls and establish unauthorized VPN connections when devices are configured with specific authentication override cookie and certificate settings. Organizations running GlobalProtect should treat this as urgent: apply vendor