Vulnerability Description
A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to its AppleScript interface allowing a locally authenticated non-admin user to leverage this exposed Apple Event handler to send unauthorized commands to the browser.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2026-0236?
CVE-2026-0236 is a documented vulnerability. A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to its AppleScript interface allowing a locally authenticated non-admin user to leverage...
How severe is CVE-2026-0236?
CVSS scoring is not yet available for CVE-2026-0236. Check NVD for updates.
Is there a patch for CVE-2026-0236?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.