VYPR

Prisma® Browser

by Paloaltonetworks

CVEs (8)

  • CVE-2025-0129CriApr 11, 2025
    risk 0.60cvss epss 0.00

    An improper exception check in Palo Alto Networks Prisma Access Browser allows a low privileged user to prevent Prisma Access Browser from applying it's Policy Rules. This enables the user to use Prisma Access Browser without any restrictions.

  • CVE-2026-0236HigMay 13, 2026
    risk 0.47cvss epss 0.00

    A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to its AppleScript interface allowing a locally authenticated non-admin user to leverage this exposed Apple Event handler to send unauthorized commands to the browser.

  • CVE-2026-0237HigMay 13, 2026
    risk 0.47cvss epss 0.00

    An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send…

  • CVE-2026-0235MedMay 13, 2026
    risk 0.38cvss epss 0.00

    A race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally authenticated non-admin user to bypass certain access and data control policies.

  • CVE-2025-4233MedJun 12, 2025
    risk 0.33cvss epss 0.00

    An insufficient implementation of cache vulnerability in Palo Alto Networks Prisma® Access Browser enables users to bypass certain data control policies.

  • CVE-2025-4618MedNov 14, 2025
    risk 0.29cvss epss 0.00

    A sensitive information disclosure vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to retrieve sensitive data from Prisma Browser. Browser self-protection should be enabled to mitigate this issue.

  • CVE-2025-4617LowNov 14, 2025
    risk 0.07cvss epss 0.00

    An insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows allows a locally authenticated non-admin user to bypass the screenshot control feature of the browser. Browser self-protection should be enabled to mitigate this issue.

  • CVE-2025-4616LowNov 14, 2025
    risk 0.07cvss epss 0.00

    An insufficient validation of an untrusted input vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to revert the browser’s security controls.