Palo Alto Networks GlobalProtect is under active exploitation via an authentication bypass (CVE-2026-0257, CVSS 9.5) affecting PAN-OS 10.2 through 12.1 and Prisma Access. A concurrent state-sponsored zero-day (CVE-2026-0300) enables unauthenticated RCE on the same edge infrastructure. Any organization using GlobalProtect as its primary remote access perimeter is exposed to unauthenticated VPN infiltration and potential full device compromise without user interaction.