QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2026-1079

Back to search

CVE-2026-1079

Published: Apr 7, 2026

Modified: Apr 7, 2026

PUBLISHED

Description

A native messaging host vulnerability in Pega Browser Extension (PBE) affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension. A bad actor could create a website that contains malicious code that targets PBE. The vulnerability could occur if a user navigates to this website. The malicious website could then present an unexpected message box.

VendorProductVersions

Pegasystems

Pega Browser Extension (PBE)

affected
0 - < 3.1.45

Weaknesses (CWE)

CWE-284

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now