CVE-2026-0237

Vulnerability Description

An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls.

Vulnerability Details

Published Date

May 13, 2026

Last Modified

May 13, 2026

CWE ID

CWE-424

Source

NVD

External References

https://security.paloaltonetworks.com/CVE-2026-0237

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment