CVE Vulnerabilities

CVE-2026-0268

Improper Protection of Alternate Path

Published: Jun 10, 2026 | Modified: Jun 11, 2026

CVSS 3.x

N/A

Source:

NVD

CVSS 2.x

RedHat/V2

RedHat/V3

Ubuntu

Vulnerability-free packages from our partners

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-0268
CWE	https://cwe.mitre.org/data/definitions/424.html

A security control bypass vulnerability in Prisma Access Agent for Linux allows a local attacker to route network traffic outside the VPN tunnel.

This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS.

Weakness

The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.

Potential Mitigations

References

https://security.paloaltonetworks.com/CVE-2026-0268

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2026 Aqua Security Software Ltd. Privacy Policy | Terms of Use