Prisma Browser
Approved changes feed: RSS · Atom
cpe:2.3:a:palo_alto_networks:prisma_browser:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Palo Alto Networks (b3fb2ed8-9543-594b-b76a-18c6d89c012d) |
|---|---|
| Product | Prisma Browser (2a242a03-808e-5a14-a3e6-fd448dfd79d9) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-0237 |
vulnerable | 2026-06-03 15:14:40.937753 |
Prisma Browser: Improperly Restricted Automation Bridge Allows Security Bypass
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls.
Published: 2026-05-13T17:48:17.677Z
Updated: 2026-05-14T03:56:35.801Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-0236 |
vulnerable | 2026-06-03 15:14:40.937244 |
Prisma Browser: Code Injection Enables Security Controls Bypass
A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to its AppleScript interface allowing a locally authenticated non-admin user to leverage this exposed Apple Event handler to send unauthorized commands to the browser.
Published: 2026-05-13T17:55:04.370Z
Updated: 2026-05-15T03:56:03.887Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-0235 |
vulnerable | 2026-06-03 15:14:40.936806 |
Prisma Browser: Access and Data Rule Bypass
A race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally authenticated non-admin user to bypass certain access and data control policies.
Published: 2026-05-13T18:14:11.463Z
Updated: 2026-05-14T21:57:43.209Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-4618 |
vulnerable | 2026-06-03 15:01:48.160665 |
Prisma Browser: Sensitive Information Disclosure Vulnerability in Prisma Browser
A sensitive information disclosure vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to retrieve sensitive data from Prisma Browser.
Browser self-protection should be enabled to mitigate this issue.
Published: 2025-11-14T17:53:38.487Z
Updated: 2025-11-17T19:14:40.902Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-4617 |
vulnerable | 2026-06-03 15:01:48.160315 |
Prisma Browser: Insufficient Policy Enforcement Vulnerability in Prisma Browser
An insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows allows a locally authenticated non-admin user to bypass the screenshot control feature of the browser.
Browser self-protection should be enabled to mitigate this issue.
Published: 2025-11-14T17:51:36.442Z
Updated: 2025-11-14T18:45:30.974Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-4616 |
vulnerable | 2026-06-03 15:01:48.159881 |
Prisma Browser: Insufficient Validation of Untrusted Input Vulnerability in Prisma Browser
An insufficient validation of an untrusted input vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to revert the browser’s security controls.
Published: 2025-11-14T17:33:21.420Z
Updated: 2025-11-17T20:39:22.564Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.