High severityNVD Advisory· Published May 13, 2026· Updated May 14, 2026
CVE-2026-0236
CVE-2026-0236
Description
A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to its AppleScript interface allowing a locally authenticated non-admin user to leverage this exposed Apple Event handler to send unauthorized commands to the browser.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.