CVE-2026-0277
Severity CVSS v4.0:
MEDIUM
Type:
CWE-295
Improper Certificate Validation
Publication date:
09/07/2026
Last modified:
09/07/2026
Description
An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. <br />
<br />
The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected.



