{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"Chromium: Monthly Vulnerability Update (January 2026)"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: PAN-SA-2026-0001","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-03-11T22:38:17.562Z","generator":{"date":"2026-03-11T22:38:17.562Z","engine":{"name":"Vulnogram","version":"0.1.0-dev"}},"id":"PAN-SA-2026-0001","initial_release_date":"2026-01-14T17:00:00.000Z","revision_history":[{"number":"1","date":"2026-01-14T09:00:00.000Z","summary":"Initial Publication"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[{"name":"Prisma Browser","category":"product_name","branches":[{"category":"product_version_range","name":"vers:generic/Prisma Browser<142.21.4.163","product":{"name":"Palo Alto Networks Prisma Browser","product_id":"PANW-Prisma-Browser-59"}},{"category":"product_version_range","name":"vers:generic/Prisma Browser>=143.37.2.193","product":{"name":"Palo Alto Networks Prisma Browser","product_id":"PANW-Prisma-Browser-60"}}]}]}]},"vulnerabilities":[{"cve":"CVE-2025-12725","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Out of bounds read in WebGPU"}],"references":[{"category":"external","summary":"NVD - CVE-2025-12725","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-12725"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Out of bounds read in WebGPU"}]},{"cve":"CVE-2025-12726","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in Views"}],"references":[{"category":"external","summary":"NVD - CVE-2025-12726","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-12726"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in Views"}]},{"cve":"CVE-2025-12727","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in V8"}],"references":[{"category":"external","summary":"NVD - CVE-2025-12727","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-12727"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in V8"}]},{"cve":"CVE-2025-12728","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in Omnibox"}],"references":[{"category":"external","summary":"NVD - CVE-2025-12728","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-12728"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in Omnibox"}]},{"cve":"CVE-2025-12729","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in Omnibox"}],"references":[{"category":"external","summary":"NVD - CVE-2025-12729","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-12729"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in Omnibox"}]},{"cve":"CVE-2025-13042","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in V8"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13042","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13042"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in V8"}]},{"cve":"CVE-2025-13223","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Type Confusion in V8"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13223","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13223"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Type Confusion in V8"}]},{"cve":"CVE-2025-13224","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Type Confusion in V8"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13224","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13224"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Type Confusion in V8"}]},{"cve":"CVE-2025-13630","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Type Confusion in V8"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13630","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13630"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Type Confusion in V8"}]},{"cve":"CVE-2025-13631","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in Google Updater"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13631","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13631"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in Google Updater"}]},{"cve":"CVE-2025-13632","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in DevTools"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13632","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13632"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in DevTools"}]},{"cve":"CVE-2025-13633","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Use after free in Digital Credentials"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13633","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13633"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Use after free in Digital Credentials"}]},{"cve":"CVE-2025-13634","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in Downloads"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13634","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13634"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in Downloads"}]},{"cve":"CVE-2025-13635","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in Downloads"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13635","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13635"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in Downloads"}]},{"cve":"CVE-2025-13636","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in Split View"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13636","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13636"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in Split View"}]},{"cve":"CVE-2025-13637","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in Downloads"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13637","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13637"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in Downloads"}]},{"cve":"CVE-2025-13638","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Use after free in Media Stream"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13638","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13638"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Use after free in Media Stream"}]},{"cve":"CVE-2025-13639","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in WebRTC"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13639","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13639"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in WebRTC"}]},{"cve":"CVE-2025-13640","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in Passwords"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13640","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13640"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in Passwords"}]},{"cve":"CVE-2025-13720","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Bad cast in Loader"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13720","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13720"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Bad cast in Loader"}]},{"cve":"CVE-2025-13721","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Race in v8"}],"references":[{"category":"external","summary":"NVD - CVE-2025-13721","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13721"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Race in v8"}]},{"cve":"CVE-2025-14174","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Out of bounds memory access in ANGLE"}],"references":[{"category":"external","summary":"NVD - CVE-2025-14174","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-14174"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Out of bounds memory access in ANGLE"}]},{"cve":"CVE-2025-14372","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Use after free in Password Manager"}],"references":[{"category":"external","summary":"NVD - CVE-2025-14372","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-14372"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Use after free in Password Manager"}]},{"cve":"CVE-2025-14373","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Inappropriate implementation in Toolbar"}],"references":[{"category":"external","summary":"NVD - CVE-2025-14373","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-14373"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Inappropriate implementation in Toolbar"}]},{"cve":"CVE-2025-14765","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Use after free in WebGPU"}],"references":[{"category":"external","summary":"NVD - CVE-2025-14765","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-14765"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Use after free in WebGPU"}]},{"cve":"CVE-2025-14766","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Out of bounds read and write in V8"}],"references":[{"category":"external","summary":"NVD - CVE-2025-14766","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-14766"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Out of bounds read and write in V8"}]},{"cve":"CVE-2026-0628","product_status":{"fixed":["PANW-Prisma-Browser-60"],"known_affected":["PANW-Prisma-Browser-59"]},"notes":[{"category":"description","text":"Insufficient policy enforcement in WebView tag"}],"references":[{"category":"external","summary":"NVD - CVE-2026-0628","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-0628"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2026-0001","url":"https://security.paloaltonetworks.com/PAN-SA-2026-0001"}],"threats":[{"category":"impact","description":"Insufficient policy enforcement in WebView tag"}]}]}