CVE-2026-1078

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Apr 07, 2026

Vendor unknown

Description

An arbitrary file-write vulnerability in Pega Browser Extension (PBE) affects Pega Robotic Automation version 22.1 or R25 users who are running automations that work with Google Chrome or Microsoft Edge. A bad actor could create a website that includes malicious code. The vulnerability could occur if a Robot Runtime user navigates to the malicious website.

References

https://support.pega.com/support-doc/pega-security-advisory-a26-vulnerability-remediation-note