CVE-2026-0275 PUBLISHED

Prisma Browser: Local Privilege Escalation on macOS

Assigner: palo_alto
Reserved: 03.11.2025 Published: 09.07.2026 Updated: 10.07.2026

A local privilege escalation vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated administrator with access to the macOS local filesystem to perform actions on the device with root privileges.

This issue only affects Prisma® Browser on macOS.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber
CVSS Score: 2

Product Status

Vendor Palo Alto Networks
Product Prisma Browser
Versions Default: unaffected
  • affected from 150.33.2.0 to 150.33.2.46 (excl.)

Exploits

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Credits

  • Palo Alto Networks thanks Kun Peeks (@SwayZGl1tZyyy) for discovering and reporting this issue. other

References

Problem Types

  • CWE-269 Improper Privilege Management CWE

Impacts

  • CAPEC-233 Privilege Escalation