Sensitive Info Disclosure in Palo Alto Prisma Browser
CVE-2025-4618 Published on November 14, 2025

Prisma Browser: Sensitive Information Disclosure Vulnerability in Prisma Browser
A sensitive information disclosure vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to retrieve sensitive data from Prisma Browser. Browser self-protection should be enabled to mitigate this issue.

Vendor Advisory NVD

Timeline

2025-09-10

Initial Publication

Weakness Type

Cleartext Storage of Sensitive Information in Memory

The application stores sensitive information in cleartext in memory.

Products Associated with CVE-2025-4618

Want to know whenever a new CVE is published for Palo Alto Networks Prisma Browser? stack.watch will email you.

Palo Alto Networks Prisma Browser

Affected Versions

Palo Alto Networks Prisma Browser:

Version 142.15.6.0, <= 142.15.6.60 is affected.

Exploit Probability

EPSS

0.01%

Percentile

1.39%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.