CVE-2026-1078

Vulnerability Description

An arbitrary file-write vulnerability in Pega Browser Extension (PBE) affects Pega Robotic Automation version 22.1 or R25 users who are running automations that work with Google Chrome or Microsoft Edge. A bad actor could create a website that includes malicious code. The vulnerability could occur if a Robot Runtime user navigates to the malicious website.

Related Weaknesses (CWE)

CWE-284

References

https://support.pega.com/support-doc/pega-security-advisory-a26-vulnerability-re

FAQ

What is CVE-2026-1078?

CVE-2026-1078 is a documented vulnerability. An arbitrary file-write vulnerability in Pega Browser Extension (PBE) affects Pega Robotic Automation version 22.1 or R25 users who are running automations that work with Google Chrome or Microsoft Ed...

How severe is CVE-2026-1078?

CVSS scoring is not yet available for CVE-2026-1078. Check NVD for updates.

Is there a patch for CVE-2026-1078?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.