THREATOPS
THREAT OPSThreat News › [NVD] CVE-2026-0237 (HIGH 7.8) — An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauth

[NVD] CVE-2026-0237 (HIGH 7.8) — An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauth

lownvdPublished 2026-05-13

CVE-2026-0237 CVSS: 7.8 HIGH Published: 2026-05-13T18:16:12.990

An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security cont

Indicators of compromise

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-0237