🔐 CVE Alert

CVE-2026-0277

UNKNOWN 0.0

Prisma Access Agent: Improper Certificate Validation on iOS

CVSS Score
0.0
EPSS Score
0.1%
EPSS Percentile
3th

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected.

CWE CWE-295
Vendor palo alto networks
Product prisma access agent
Published Jul 9, 2026
Last Updated Jul 10, 2026
Stay Ahead of the Next One

Get instant alerts for palo alto networks prisma access agent

Be the first to know when new unknown vulnerabilities affecting palo alto networks prisma access agent are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Palo Alto Networks / Prisma Access Agent
0 < 26.2.1
Palo Alto Networks / Prisma Access Agent
All versions affected

References

NVD ↗ CVE.org ↗ EPSS Data ↗
security.paloaltonetworks.com: https://security.paloaltonetworks.com/CVE-2026-0277

Credits

our internal security research teams