Security Control Bypass in Prisma Access Agent for Linux by Palo Alto Networks
CVE-2026-0268

4.4MEDIUM

Key Information:

Vendor
CVE Published:
10 June 2026

Badges

👾 Exploit Exists

What is CVE-2026-0268?

A security control bypass vulnerability in the Prisma Access Agent for Linux enables local attackers to route network traffic outside the secure VPN tunnel. This issue is specific to the Linux version of the agent and does not affect the Windows, macOS, iOS, Android, or ChromeOS versions. If exploited, this vulnerability could allow unauthorized access to sensitive data or facilitate other malicious actions.

Affected Version(s)

Prisma Access Agent Linux 0 < 26.2.1

Prisma Access Agent Windows All

References

CVSS V4

Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

our internal security research teams
.