Palo Alto Networks confirmed active exploitation of CVE-2026-0257, a CVSS 9.1 authentication bypass in the GlobalProtect VPN component of PAN-OS, corroborated by Rapid7. Unauthenticated attackers are actively gaining network access through GlobalProtect portals and gateways without valid credentials. Organizations using GlobalProtect as their primary remote access gateway face immediate risk of unauthorized network entry and subsequent lateral movement.