Description

An arbitrary file-write vulnerability in Pega Browser Extension (PBE) affects Pega Robotic Automation version 22.1 or R25 users who are running automations that work with Google Chrome or Microsoft Edge. A bad actor could create a website that includes malicious code. The vulnerability could occur if a Robot Runtime user navigates to the malicious website.

INFO

Published Date :

2026-04-07T15:04:32.765Z

Last Modified :

2026-04-07T19:59:49.928Z

Source :

Pega
AFFECTED PRODUCTS

The following products are affected by CVE-2026-1078 vulnerability.

Vendors Products
Pegasystems
  • Pega Robot Studio
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-1078.

URL Resource
https://support.pega.com/support-doc/pega-security-advisory-a26-vulnerability-remediation-note cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability