CVE-2026-0237

Published: Mag 13, 2026 Last Modified: Mag 13, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,3

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls.

424

Improper Protection of Alternate Path

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control

Potential Impacts:

Bypass Protection Mechanism Gain Privileges Or Assume Identity

Applicable Platforms

Technologies: Not Technology-Specific, Web Based

View CWE Details

https://security.paloaltonetworks.com/CVE-2026-0237

CVE-2026-0237

Description

Improper Protection of Alternate Path

Common Consequences

Applicable Platforms

Iscriviti alla newsletter