Description
Idira Identity Browser Extension (Chrome, Firefox, and Edge builds) versions prior to 26.8.1 exhibit an origin validation flaw within its internal web-page verification routines. If an authenticated user navigates to a specially crafted webpage, this interaction could potentially allow a remote attacker to trigger unauthorized application interaction or execution parameters within the context of that authenticated browser session. CyberArk Security Bulletin: CA26-21
Published: 2026-06-11
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from an origin validation flaw within the extension’s internal page verification, allowing an attacker to craft a malicious webpage that causes the extension to perform actions outside its intended scope. If an authenticated user visits such a page, the attacker could trigger unauthorized commands or adjust execution parameters within the browser session. The primary impact is that the attacker gains the same privileges as the authenticated user in the context of the extension, potentially facilitating further compromise of the user’s system.

Affected Systems

CyberArk’s Identity Browser Extensions for Chrome, Edge, and Firefox versions earlier than 26.8.1 are affected. These extensions run in the user’s browser and are distributed by CyberArk, a Palo Alto Networks company.

Risk and Exploitability

The flaw has a CVSS score of 8.4, reflecting high severity. The EPSS value is not available, and the vulnerability is not currently listed in CISA’s KEV catalog, indicating no known publicly released exploits yet. However, the attack vector requires a social engineering or phishing scenario where an authenticated user is tricked into visiting a crafted webpage, making proactive application of the patch highly advisable.

Generated by OpenCVE AI on June 11, 2026 at 23:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Identity Browser Extension to version 26.8.1 or later on all supported browsers.
  • Verify that the extension’s origin validation is enabled and enforce restrictions on loading content from untrusted origins via browser policies where possible.
  • Disable or block the extension on devices that cannot be immediately upgraded to mitigate risk until the patch is applied.

Advisories

No advisories yet.

History

Fri, 12 Jun 2026 20:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Cyberark; Cyberark identity Browser Extensions
Vendors & Products | | Cyberark; Cyberark identity Browser Extensions

Fri, 12 Jun 2026 14:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 11 Jun 2026 22:15:00 +0000

Type | Values Removed | Values Added
Description | | Idira Identity Browser Extension (Chrome, Firefox, and Edge builds) versions prior to 26.8.1 exhibit an origin validation flaw within its internal web-page verification routines. If an authenticated user navigates to a specially crafted webpage, this interaction could potentially allow a remote attacker to trigger unauthorized application interaction or execution parameters within the context of that authenticated browser session. CyberArk Security Bulletin: CA26-21
Title | | Idira Identity Browser Extension: Unauthorized Application Interaction via Origin Validation Failure
First Time appeared | | Cyberark Software A Palo Alto Networks Company; Cyberark Software A Palo Alto Networks Company identity Browser Extensions
Weaknesses | | CWE-346
CPEs | | cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:identity_browser_extensions:*:*:chrome:*:*:*:*:*; cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:identity_browser_extensions:*:*:edge:*:*:*:*:*; cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:identity_browser_extensions:*:*:firefox:*:*:*:*:*
Vendors & Products | | Cyberark Software A Palo Alto Networks Company; Cyberark Software A Palo Alto Networks Company identity Browser Extensions
References | |
Metrics | | cvssV4_0: {'score': 8.4, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:L/VA:N/SC:H/SI:H/SA:N/U:Amber'}


MITRE

Status: PUBLISHED

Assigner: palo_alto

Published:

Updated: 2026-06-12T13:40:22.091Z

Reserved: 2026-05-08T23:00:57.503Z

Link: CVE-2026-45173

Vulnrichment

Updated: 2026-06-12T13:40:15.408Z

NVD

Status: Awaiting Analysis

Published: 2026-06-11T22:16:57.470

Modified: 2026-06-12T15:30:26.567

Link: CVE-2026-45173

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-12T20:21:27Z

Weaknesses