Security Control Bypass in Prisma Access Agent for Linux by Palo Alto Networks
CVE-2026-0268
4.4MEDIUM
Key Information:
- Vendor
Palo Alto Networks
- Status
- Vendor
- CVE Published:
- 10 June 2026
Badges
👾 Exploit Exists
What is CVE-2026-0268?
A security control bypass vulnerability in the Prisma Access Agent for Linux enables local attackers to route network traffic outside the secure VPN tunnel. This issue is specific to the Linux version of the agent and does not affect the Windows, macOS, iOS, Android, or ChromeOS versions. If exploited, this vulnerability could allow unauthorized access to sensitive data or facilitate other malicious actions.
Affected Version(s)
Prisma Access Agent Linux 0 < 26.2.1
Prisma Access Agent Windows All
References
CVSS V4
Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Credit
our internal security research teams