CVE-2026-45173: CWE-346: Origin Validation Error in CyberArk Software, a Palo Alto Networks Company Identity Browser Extensions
The Idira Identity Browser Extension for Chrome, Firefox, and Edge versions prior to 26.8.1 contains an origin validation error. This flaw allows a remote attacker to potentially cause unauthorized application interactions or execution parameters within the context of an authenticated user's browser session by tricking the user into visiting a specially crafted webpage. The vulnerability is tracked as CVE-2026-45173 and has a high severity rating with a CVSS score of 8.4.
AI Analysis
Technical Summary
CVE-2026-45173 is an origin validation vulnerability (CWE-346) in CyberArk Software's Idira Identity Browser Extensions (Chrome, Firefox, Edge). Versions prior to 26.8.1 improperly validate the origin of internal web-page interactions. An attacker can exploit this by luring an authenticated user to a malicious webpage, which may trigger unauthorized application interactions or execution parameters within the authenticated browser session context. This could lead to unauthorized actions being performed without the user's explicit consent.
Potential Impact
Successful exploitation could allow a remote attacker to perform unauthorized interactions or execute parameters within the context of an authenticated browser session, potentially compromising the security of the user's session and associated resources. The vulnerability requires user interaction (visiting a crafted webpage) and does not require privileges or authentication by the attacker.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. No official fix or patch link is provided at this time. Users should monitor CyberArk's security bulletins for updates and apply any forthcoming patches or updates promptly. Until a fix is available, users should exercise caution when visiting untrusted websites while using affected versions of the extension.
CVE-2026-45173: CWE-346: Origin Validation Error in CyberArk Software, a Palo Alto Networks Company Identity Browser Extensions
Description
The Idira Identity Browser Extension for Chrome, Firefox, and Edge versions prior to 26.8.1 contains an origin validation error. This flaw allows a remote attacker to potentially cause unauthorized application interactions or execution parameters within the context of an authenticated user's browser session by tricking the user into visiting a specially crafted webpage. The vulnerability is tracked as CVE-2026-45173 and has a high severity rating with a CVSS score of 8.4.
CVSS v4.0
Score 8.4high
Affected software
pkg:npm/identity-browser-extensionsRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-45173 is an origin validation vulnerability (CWE-346) in CyberArk Software's Idira Identity Browser Extensions (Chrome, Firefox, Edge). Versions prior to 26.8.1 improperly validate the origin of internal web-page interactions. An attacker can exploit this by luring an authenticated user to a malicious webpage, which may trigger unauthorized application interactions or execution parameters within the authenticated browser session context. This could lead to unauthorized actions being performed without the user's explicit consent.
Potential Impact
Successful exploitation could allow a remote attacker to perform unauthorized interactions or execute parameters within the context of an authenticated browser session, potentially compromising the security of the user's session and associated resources. The vulnerability requires user interaction (visiting a crafted webpage) and does not require privileges or authentication by the attacker.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. No official fix or patch link is provided at this time. Users should monitor CyberArk's security bulletins for updates and apply any forthcoming patches or updates promptly. Until a fix is available, users should exercise caution when visiting untrusted websites while using affected versions of the extension.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- palo_alto
- Date Reserved
- 2026-05-08T23:00:57.503Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a2b336c815e7002b838f06a
Added to database: 6/11/2026, 10:15:08 PM
Last enriched: 6/11/2026, 10:30:00 PM
Last updated: 6/11/2026, 11:28:24 PM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.