This morning we decided to launch a "Vulnerabilities" category to track vulns without further actionable intelligence besides patching and monitoring.

ifin@infosec.exchange

This morning we decided to launch a "Vulnerabilities" category to track vulns without further actionable intelligence besides patching and monitoring. And wouldn't you know it, a crit on Palo Alto's User-ID portal showed up to ring it in!

CVE-2026-0300 - 9.3 CVSS EITW - PAN-OS: Unauthenticated user initiated Buffer Overflow... (Captive Portal)

This one went entirely under the radar for me yesterday. But it looks spicy. No-priv, un-auth. From Palo Alto: Description A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) s…

IFIN (discourse.ifin.network)

#CVE-2026-0300 #CVE #IFIN

CIRCLE WITH A DOT

This morning we decided to launch a "Vulnerabilities" category to track vulns without further actionable intelligence besides patching and monitoring.

CVE-2026-0300 - 9.3 CVSS EITW - PAN-OS: Unauthenticated user initiated Buffer Overflow... (Captive Portal)