CVEFinder.io

CVE-2026-0235

🔶 medium
🔍 Scan for this CVE
Summary

A race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally authenticated non-admin user to bypass certain access and data control policies.

CVSS Score
-
EPSS Score
0.0
Exploit Probability
Published Date
2026-05-13
First Seen: 2026-05-17
🎯 CISA SSVC Assessment Updated: May 13, 2026
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
NO
Requires human interaction
💥 Technical Impact
Partial
Limited system impact
🏆 Discovered By
Palo Alto Networks thanks Tan Inn Fung, Yu Ann Ong, Zhang Bosen, Stan Leow and Sean Seah from the GovTech Cybersecurity Group
SSVC data provided by CISA
Last Modified 2026-05-14
Source NVD 🔗
CVSS Vector 4.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
CWE IDs (Weakness Types)
CWE-754

📦 Affected Products 0

No affected products information available

🔗 References 1

https://security.paloaltonetworks.com/CVE-2026-0235