Cybersecurity
CISA Adds Palo Alto PAN-OS CVE-2026-0257 to KEV
By Dillip Chowdary • June 19, 2026
CISA added one actively exploited vulnerability to the Known Exploited Vulnerabilities catalog on June 18.
Builder TL;DR
- CVE: The June 18 KEV addition is CVE-2026-0257, a Palo Alto Networks PAN-OS authentication bypass vulnerability.
- Risk posture: CISA says KEV-listed issues are frequent attack vectors and pose significant risk to federal networks.
- Directive: BOD 22-01 requires FCEB agencies to remediate KEV entries by the listed due date.
- Action: Private-sector teams should prioritize exposure checks, internet-facing PAN-OS inventory, and emergency patch planning.
CVE
The June 18 KEV addition is CVE-2026-0257, a Palo Alto Networks PAN-OS authentication bypass vulnerability. For builders, the important shift is operational: a KEV listing changes what must be measured, reviewed, or automated before teams treat the system as production infrastructure.
Risk posture
CISA says KEV-listed issues are frequent attack vectors and pose significant risk to federal networks.
Directive
BOD 22-01 requires FCEB agencies to remediate KEV entries by the listed due date.
What Teams Should Do
Treat this as a backlog item, not just a headline. Update owner maps, measure current exposure, and document the approval path before the risk reaches production scale.
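One way to turn the KEV entry into a ranked worklist, shown as an added example rather than code from CISA or Palo Alto Networks. The feed record follows the field layout of CISA's KEV JSON catalog, but its dueDate is a placeholder (the due date is not stated here), and the inventory hosts, owners and field names are hypothetical.

```python
import json
from datetime import date

# Constructed sample in the layout of CISA's KEV JSON feed.
# dueDate is a PLACEHOLDER value, not the real due date for this entry.
KEV_FEED = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-2026-0257", "vendorProject": "Palo Alto Networks",
   "product": "PAN-OS", "dateAdded": "2026-06-18", "dueDate": "2026-07-09"}
]}
""")

# Constructed asset inventory (hypothetical hosts, owners and field names).
INVENTORY = [
    {"host": "fw-edge-01", "vendor": "Palo Alto Networks", "product": "PAN-OS",
     "internet_facing": True, "owner": "netsec"},
    {"host": "fw-lab-02", "vendor": "Palo Alto Networks", "product": "PAN-OS",
     "internet_facing": False, "owner": "lab-ops"},
    {"host": "fw-dmz-03", "vendor": "palo alto networks", "product": "pan-os",
     "internet_facing": True, "owner": None},
    {"host": "lb-core-01", "vendor": "ExampleVendor", "product": "ExampleLB",
     "internet_facing": True, "owner": "platform"},
]

def _key(vendor, product):
    # Inventories rarely spell vendor/product consistently; compare normalized.
    return (vendor.strip().lower(), product.strip().lower())

def kev_worklist(feed, inventory, today):
    """Match assets to KEV entries by vendor/product and rank them.

    A match means "this product has a KEV entry", not "this host is
    vulnerable": affected versions must still be checked in the vendor advisory.
    """
    kev = {}
    for v in feed["vulnerabilities"]:
        kev.setdefault(_key(v["vendorProject"], v["product"]), []).append(v)
    rows = []
    for asset in inventory:
        for v in kev.get(_key(asset["vendor"], asset["product"]), []):
            due = date.fromisoformat(v["dueDate"])
            rows.append({"host": asset["host"], "cve": v["cveID"],
                         "internet_facing": asset["internet_facing"],
                         "days_left": (due - today).days,
                         "needs_owner": asset["owner"] is None})
    # Internet-facing first, then nearest due date, then host name.
    rows.sort(key=lambda r: (not r["internet_facing"], r["days_left"], r["host"]))
    return rows
```

Rows with needs_owner set are the gaps in the owner map; a negative days_left means the due date has already passed.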