CVE-2026-0237
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to a
CVSS
7.8
Alto
EPSS
0.1%
p5
KEV
—
Exploit Today
1
0-100
Publicado: 13 may 2026 · Última mod.: 14 jul 2026 · CWE-424
0.1%EPSS · 30 días0.1%
2026-06-302026-07-16
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls.