CVE-2026-0237

Vulnerability Description

An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls.

Related Weaknesses (CWE)

CWE-424

References

https://security.paloaltonetworks.com/CVE-2026-0237

FAQ

What is CVE-2026-0237?

CVE-2026-0237 is a documented vulnerability. An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenti...

How severe is CVE-2026-0237?

CVSS scoring is not yet available for CVE-2026-0237. Check NVD for updates.

Is there a patch for CVE-2026-0237?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.