PAN-SA-2026-0003 Chromium: Monthly Vulnerability Update (March 2026)

Urgency MODERATE

Exploit Maturity UNREPORTED

Response Effort LOW

Recovery USER

Value Density DIFFUSE

Attack Vector NETWORK

Attack Complexity LOW

Attack Requirements NONE

Automatable NO

User Interaction ACTIVE

Product Confidentiality HIGH

Product Integrity HIGH

Product Availability HIGH

Privileges Required NONE

Subsequent Confidentiality NONE

Subsequent Integrity NONE

Subsequent Availability NONE

Published 2026-03-11

Updated 2026-03-11

Discovered externally

Palo Alto Networks incorporated the following Chromium security fixes into our products:

CVE	Summary
CVE-2026-2314	Heap buffer overflow in Codecs
CVE-2026-2317	Inappropriate implementation in Animation
CVE-2026-2318	Inappropriate implementation in PictureInPicture
CVE-2026-2319	Race in DevTools
CVE-2026-2321	Use after free in Ozone
CVE-2026-2322	Inappropriate implementation in File input
CVE-2026-2323	Inappropriate implementation in Downloads
CVE-2026-2441	Use after free in CSS

Versions	Affected	Unaffected
Prisma Browser	< 145.7.9.76	>= 145.7.9.76

No special configuration is required to be affected by this issue.

Palo Alto Networks is not aware of any malicious exploitation of this issue.

No known workarounds exist for this issue.

cpe:2.3:a:palo_alto_networks:prisma_browser:*:*:*:*:*:*:*:* is vulnerable from (including)145.7.9 and up to (excluding)145.7.9.76

2026-03-11 Initial Publication