26 matches found
EUVD-2026-30062
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands t...
CVE-2026-0236
A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to its AppleScript interface allowing a locally authenticated non-admin user to leverage this exposed Apple Event handler to send unauthorized commands to the browser...
CVE-2026-0236
CVE-2026-0236 describes a code injection vulnerability in Palo Alto Networks Prisma® Browser for macOS where access to the AppleScript interface is not properly restricted. This allows a locally authenticated non-admin user to exploit an exposed Apple Event handler to send unauthorized commands t...
CVE-2026-0237 Prisma Browser: Improperly Restricted Automation Bridge Allows Security Bypass
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands t...
CVE-2026-0237 Prisma Browser: Improperly Restricted Automation Bridge Allows Security Bypass
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands t...
PT-2026-40710
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands t...
EUVD-2026-27149
Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...
Astra Linux - vulnerability in open-vm-tools
VMware Tools 12.0.0, 11.x.y and 10.x.y contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine...
CVE-2025-4616
An insufficient validation of an untrusted input vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to revert the browser’s security controls...
CVE-2025-4617
An insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows allows a locally authenticated non-admin user to bypass the screenshot control feature of the browser. Browser self-protection should be enabled to mitigate this issue...
CVE-2025-4618
Technical details (affected versions, root cause, and remediation specifics) are not publicly available in the provided connected documents. Monitor for updates from vendors and security advisories.
CVE-2025-4616 Prisma Browser: Insufficient Validation of Untrusted Input Vulnerability in Prisma Browser
An insufficient validation of an untrusted input vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to revert the browser’s security controls...
EUVD-2025-197633
An insufficient validation of an untrusted input vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to revert the browser’s security controls...
PT-2025-46991
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Prisma® Browser versions affected versions not specified Description: A flaw exists in Palo Alto Networks Prisma® Browser on Windows where a locally authenticated, non-administrator user can circumvent the browser's screensho...
EUVD-2025-25803
Malicious code in bioql PyPI...
EUVD-2023-42983
Malicious code in bioql PyPI...
CVE-2025-44002
Race Condition in the Directory Validation Logic in the TeamViewer Full Client and Host prior to version 15.69 on Windows allows a local non-admin user to create arbitrary files with SYSTEM privileges, potentially leading to a denial-of-service condition, via symbolic link manipulation during...
CVE-2025-44002 Arbitrary File Creation via Symbolic Link leading to Denial-of-Service
Race Condition in the Directory Validation Logic in the TeamViewer Full Client and Host prior to version 15.69 on Windows allows a local non-admin user to create arbitrary files with SYSTEM privileges, potentially leading to a denial-of-service condition, via symbolic link manipulation during...
PT-2025-34754 · Teamviewer · Teamviewer
Name of the Vulnerable Software and Affected Versions: TeamViewer versions prior to 15.69 Description: A race condition exists in the directory validation logic within the TeamViewer Full Client and Host on Windows. This allows a local, non-administrator user to create arbitrary files with SYSTEM...
CVE-2025-2183
An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root...