CVE-2026-0237

UNKNOWN 0.0

Prisma Browser: Improperly Restricted Automation Bridge Allows Security Bypass

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls.

CWE	CWE-424
Vendor	palo alto networks
Product	prisma browser
Published	May 13, 2026
Last Updated	May 13, 2026

Stay Ahead of the Next One

Get instant alerts for palo alto networks prisma browser

Be the first to know when new unknown vulnerabilities affecting palo alto networks prisma browser are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Palo Alto Networks / Prisma Browser

0 < 146.16.6.165

References

NVD ↗ CVE.org ↗ EPSS Data ↗

security.paloaltonetworks.com: https://security.paloaltonetworks.com/CVE-2026-0237

Credits

Cisors