CERT-EU: critical PAN-OS flaw enables unauthenticated remote code execution as root, limited exploitation observed
CERT-EU's May 6 advisory (2026-006) flags a critical vulnerability in Palo Alto Networks PAN-OS, disclosed the same day in a Palo Alto security advisory, that allows an unauthenticated attacker to execute arbitrary code .
At a glance
- A critical PAN-OS vulnerability allows unauthenticated arbitrary code execution with root privileges, per CERT-EU advisory 2026-006
- Palo Alto observed limited exploitation of the flaw; patches were pending as of May 6 with workarounds recommended in the interim
VERDICT — CONFIRMED
CERT-EU's May 6 advisory (2026-006) flags a critical vulnerability in Palo Alto Networks PAN-OS, disclosed the same day in a Palo Alto security advisory, that allows an unauthenticated attacker to execute arbitrary code with root privileges. Per the advisory, Palo Alto has observed limited exploitation in the wild.
CERT-EU strongly recommends updating affected appliances as soon as patches become available and applying workarounds and mitigations in the meantime. No CVE identifier is stated in the feed text.
Key facts on file
- A critical PAN-OS vulnerability allows unauthenticated arbitrary code execution with root privileges, per CERT-EU advisory 2026-006
- Palo Alto observed limited exploitation of the flaw; patches were pending as of May 6 with workarounds recommended in the interim
