Main Vulnerability Database Vulnerabilities #VU134589

Improper Protection of Alternate Path in Prisma Access Agent for Linux - CVE-2026-0268

Published: June 16, 2026

Vulnerability identifier: #VU134589

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2026-0268

CWE-ID: CWE-424

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Palo Alto Networks, Inc.

Affected software:
Prisma Access Agent for Linux

Detailed vulnerability description

The vulnerability allows a local user to route network traffic outside the VPN tunnel.

The vulnerability exists due to improper protection of alternate path in Prisma Access Agent for Linux when enforcing VPN traffic routing. A local user can bypass VPN enforcement to route network traffic outside the VPN tunnel.

No special configuration is required.

How to mitigate CVE-2026-0268

Install security update from vendor's website.

Sources

https://security.paloaltonetworks.com/CVE-2026-0268

Improper Protection of Alternate Path in Prisma Access Agent for Linux - CVE-2026-0268

Detailed vulnerability description

How to mitigate CVE-2026-0268

Sources

Please verify you're human