{"vulnerability": "CVE-2026-0265", "sightings": [{"uuid": "5762a047-a01f-4443-963c-d6a265fb68a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1869", "content": "", "creation_timestamp": "2026-05-13T21:00:00.000000Z"}, {"uuid": "cf7d8c0b-b93b-4d8e-879e-c3e45514ba23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://bsky.app/profile/ripjyr.bsky.social/post/3mlqylasqg32u", "content": "Paloalto\u306e\u8106\u5f31\u6027\u60c5\u5831 \u300cCVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled (Severity: HIGH)\u300d\u304c\u516c\u958b\u3055\u308c\u307e\u3057\u305f\u3002\n\u2192 https://security.paloaltonetworks.com/CVE-2026-0265", "creation_timestamp": "2026-05-13T19:03:35.453494Z"}, {"uuid": "2069df97-9d6c-4bbd-8381-0ea4046acd30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/palo-alto-networks-security-advisory-av26-462", "content": "", "creation_timestamp": "2026-05-13T10:50:42.000000Z"}, {"uuid": "a59b33fc-56bd-4c5e-bdba-df6fa1eea2cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/palo-alto-products-multiple-vulnerabilities_20260514", "content": "", "creation_timestamp": "2026-05-13T20:00:00.000000Z"}, {"uuid": "f764a16b-1399-49eb-a218-af962ab90ed6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-palo-alto-networks-1", "content": "", "creation_timestamp": "2026-05-14T06:51:24.000000Z"}, {"uuid": "8bb9a7ed-2c78-497a-bd7e-57d222b78e11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-0265", "type": "seen", "source": "https://bsky.app/profile/vritrasecnews.bsky.social/post/3mltqj7tymf23", "content": "Overview On May 13, 2026, Palo Alto Networks published a security advisory for CVE-2026-0265 , a signature verification vulnerability that facilitates authentication bypass on PAN-OS , t...\n\n\ud83d\udd17 https://www.rapid7.com/blog/post/etr-cve-2026-0265-authentication-bypass-in-palo-alto-networks-pan-os", "creation_timestamp": "2026-05-14T21:17:08.062741Z"}, {"uuid": "2827b430-33bc-421b-9323-ec201d552c10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://t.me/GithubRedTeam/84524", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a palo-alto-cve-2026-0265-checker\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a tstephens1080\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-17 01:38:37\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nPython script to sweep a fleet of Palo Alto firewalls and Panoramas via SSH, check PAN-OS version against CVE-2026-0265 (Authentication Bypass via Cloud Authentication Service), detect whether CAS is actually configured, and report exploitability in a color-coded summary table.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-17T02:00:04.000000Z"}, {"uuid": "062adf9a-da28-4d7c-b5cb-93a1c7c9c29e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "published-proof-of-concept", "source": "Telegram/Wx6QkZm835-_19yE13gB_MVu3N8gag6L4PXdaro3dzqL6js", "content": "", "creation_timestamp": "2026-05-17T03:00:11.000000Z"}, {"uuid": "88bbdfea-35bc-4723-9a54-f1ebed51f15f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "published-proof-of-concept", "source": "Telegram/0LL51wE7H3pCot1BGYY3QqExSd1a0DM520erihe1hgvov-s", "content": "", "creation_timestamp": "2026-05-17T09:00:05.000000Z"}, {"uuid": "ffd7576e-b55b-40ec-9c4f-83184b849f4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mmantwfbcq2j", "content": "CVE-2026-0265, the PAN-OS auth bypass (when Cloud Auth Services are enabled) was fun to reproduce and load into the watchTowr Platform.\n\nOur friends @ \n@HacktronAI\n are publishing their analysis this week, so we won\u2019\u2026\n\n\u2014 from @watchtowrcyber (https://x.com/watchtowrcyber/status/2056736214196048291)", "creation_timestamp": "2026-05-20T00:34:03.079638Z"}, {"uuid": "eabfb91b-ffc0-497a-9fb7-4bacc64a0c2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-0265", "type": "seen", "source": "https://infosec.exchange/users/obivan/statuses/116613093306635571", "content": "When Your VPN Opens Your Private Network to the Public https://www.hacktron.ai/blog/cve-2026-0265-panos-globalprotect-cas-auth-bypass", "creation_timestamp": "2026-05-21T14:43:13.293427Z"}, {"uuid": "c3dd1620-3db6-4a31-8486-bcad27fab556", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "published-proof-of-concept", "source": "Telegram/8XMYNKwrAfZdRqR9ubtjXzgzOw6F5g1aYGu8o-Ioo35SIYg", "content": "", "creation_timestamp": "2026-05-20T23:00:11.000000Z"}, {"uuid": "247b7d76-4633-4fff-93ce-8eed83e63b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "published-proof-of-concept", "source": "Telegram/cQsvzF46kJX7E7L85VkHoXNqQlxjmPke3dFcldq5Q6Xs2E4", "content": "", "creation_timestamp": "2026-05-21T03:00:10.000000Z"}, {"uuid": "987a142d-11f3-40b5-a6bf-b75732bc7f8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mme2brhi3c2i", "content": "Palo Alto PAN-OS CAS Authentication Bypass: The 92 JWT Vulnerability That Can Hand Attackers Your GlobalProtect VPN +\u00a0Video\n\nIntroduction: A critical authentication bypass vulnerability, tracked as CVE-2026-0265, has been discovered in Palo Alto Networks\u2019 PAN-OS operating system, which powers its\u2026", "creation_timestamp": "2026-05-21T08:54:31.802277Z"}, {"uuid": "dcde6cf7-f678-4813-90ee-a5c842fde068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://t.me/bdufstecru/3177", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Cloud Authentication Service (CAS) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b PAN-OS \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u043e\u0434\u043f\u0438\u0441\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\n\nBDU:2026-07004\nCVE-2026-0265\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://security.paloaltonetworks.com/CVE-2026-0265", "creation_timestamp": "2026-05-20T14:45:11.000000Z"}, {"uuid": "072e3059-1ee5-47b8-9721-6a9504170284", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-0265", "type": "seen", "source": "https://bsky.app/profile/obivan.infosec.exchange.ap.brid.gy/post/3mmenrhbrld42", "content": "When Your VPN Opens Your Private Network to the Public https://www.hacktron.ai/blog/cve-2026-0265-panos-globalprotect-cas-auth-bypass", "creation_timestamp": "2026-05-21T14:43:22.996580Z"}, {"uuid": "83c4aa08-0595-4265-a134-875bec61e67e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://mastodon.social/users/hrbrmstr/statuses/116635842939087665", "content": "I thought Palo was part of the Mythos seekrit cabal platform and also had their own advanced AI BS that protected enterprises from everything.\nGiven that, how does CVE-2026-0265 \u2014 an at-scale PAN-OS CAS Authentication Bypass \u2014 happen now?\nSeems like Mythos isn't all its cracked up to be?", "creation_timestamp": "2026-05-25T15:08:45.894931Z"}, {"uuid": "f31fd812-5b28-4c6b-8c83-34ec26659f77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mmmwj2665l2q", "content": "Palo Alto Networks\u88fdPAN-OS\u306b\u304a\u3051\u308b\u8a8d\u8a3c\u56de\u907f\u306e\u8106\u5f31\u6027\uff08CVE-2026-0265\uff09\u306b\u95a2\u3059\u308b\u6ce8\u610f\u559a\u8d77  #JPCERTCC (May 22)\n\nwww.jpcert.or.jp/at/2026/at26...", "creation_timestamp": "2026-05-24T21:40:58.059952Z"}, {"uuid": "260bdf70-ba78-4386-9142-6914b30c7472", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://bsky.app/profile/hrbrmstr.mastodon.social.ap.brid.gy/post/3mmor2orjzpr2", "content": "I thought Palo was part of the Mythos seekrit cabal platform and also had their own advanced AI BS that protected enterprises from everything.\n\nGiven that, how does CVE-2026-0265 \u2014 an at-scale PAN-OS CAS Authentication Bypass \u2014 happen now?\n\nSeems like Mythos isn't all its cracked up to be?", "creation_timestamp": "2026-05-25T15:08:59.792530Z"}, {"uuid": "df4e26f8-8897-453e-9b14-988178e414c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://bsky.app/profile/packetstorm.bsky.social/post/3mmp7qnaz6j22", "content": "CVE-2026-0265 Vulnerability Assessment Tool https://packetstorm.news/files/221836 ", "creation_timestamp": "2026-05-25T19:31:41.598414Z"}, {"uuid": "f6872254-7f5c-4a44-8125-d645bb5b4fa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://bsky.app/profile/crawler.baldanders.info/post/3mmrdg7os6d23", "content": "\uff1e \u6ce8\u610f\u559a\u8d77: Palo Alto Networks\u88fdPAN-OS\u306b\u304a\u3051\u308b\u8a8d\u8a3c\u56de\u907f\u306e\u8106\u5f31\u6027\uff08CVE-2026-0265\uff09\u306b\u95a2\u3059\u308b\u6ce8\u610f\u559a\u8d77  (\u516c\u958b)\nhttps://www.jpcert.or.jp/at/2026/at260015.html\n", "creation_timestamp": "2026-05-26T15:42:40.686765Z"}, {"uuid": "ee5ed08a-46de-4a7d-aced-79443b080225", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://bsky.app/profile/sec-news-bot.bsky.social/post/3mmt4vasnsk2j", "content": "\u6ce8\u610f\u559a\u8d77: Palo Alto Networks\u88fdPAN-OS\u306b\u304a\u3051\u308b\u8a8d\u8a3c\u56de\u907f\u306e\u8106\u5f31\u6027\uff08CVE-2026-0265\uff09\n\nPalo Alto Networks\u306ePAN-OS\u306b\u8a8d\u8a3c\u56de\u907f\u8106\u5f31\u6027CVE-2026-0265\u304c\u767a\u898b\u3055\u308c\u307e\u3057\u305f\u3002Cloud Authentication Service\uff08CAS\uff09\u304c\u6709\u52b9\u306a\u74b0\u5883\u3067\u9060\u9694\u306e\u653b\u6483\u8005\u304cGlobalProtect\u306e\u8a8d\u8a3c\u3092\u56de\u907f\u3057\u3066VPN\u63a5\u7d9a\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002\u8a73\u7d30\u60c5\u5831\u304c\u516c\u958b\u3055\u308c\u3066\u304a\u308a\u3001\u56fd\u5185\u3067\u306e\u653b\u6483\u62e1\u5927\u306e\u53ef\u80fd\u6027\u304c\u3042\u308b\u305f\u3081\u3001\u5bfe\u8c61\u30d0\u30fc\u30b8\u30e7\u30f3\u306e\u5229\u7528\u8005\u306f\u65e9\u6025\u306a\u30d1\u30c3\u30c1\u9069\u7528\u304c\u5fc5\u8981\u3067\u3059\u3002\n\n#CVE #\u8106\u5f31\u6027 #\u60c5\u5831\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3", "creation_timestamp": "2026-05-27T08:51:08.399812Z"}, {"uuid": "f9be65f6-c7e0-4000-96b6-c2cfb553a124", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0265", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mmtgnk4gw22j", "content": "\u3010\u8106\u5f31\u6027\u60c5\u5831\u3011 CVE-2026-0265 Palo Alto Networks\u306ePAN-OS\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\n\nPalo Alto Networks\u306ePAN-OS\u00ae\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u306b\u304a\u3051\u308b\u8a8d\u8a3c\u30d0\u30a4\u30d1\u30b9\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001Cloud Authentication Service (CAS)\u304c\u6709\u52b9\u306a\u5834\u5408\u3001", "creation_timestamp": "2026-05-27T11:45:47.150880Z"}]}