THREAT ASSESSMENT: CVE-2026-0300 affects Palo Alto Networks PAN-OS deployments across PA-Series and VM-Series platforms, enabling unauthenticated remote code execution at root privilege level through malformed packet injection against the User-ID Authentication Portal service. Exploitation requires no prior access or authentication, and affected systems remain exposed if patching has not been completed as of 14 March 2026. CISA has assigned this vulnerability to the Known Exploited Vulnerabilities catalog, indicating active exploitation in operational environments. Network perimeter devices running vulnerable PAN-OS versions should be treated as critical mitigation priority given the severity vector and accessibility from untrusted networks.