Vulnerability Details CVE-2026-0236
A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to its AppleScript interface allowing a locally authenticated non-admin user to leverage this exposed Apple Event handler to send unauthorized commands to the browser.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 4.1%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2026-0236
-
cpe:2.3:a:paloaltonetworks:prisma_browser:*
-