Back to search
CVE-2026-0237
Published: May 13, 2026
Modified: May 14, 2026
PUBLISHED
Description
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls.
| Vendor | Product | Versions |
|---|---|---|
Palo Alto Networks | Prisma Browser | affected 0 - < 146.16.6.165 |
Weaknesses (CWE)
References
https://security.paloaltonetworks.com/CVE-2026-0237
vendor-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now