CVE-2026-28713

Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent VMware before build 36943, Acronis Cyber Protect 17 VMware before build 41186...

CVE-2026-28713

Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent VMware before build 36943, Acronis Cyber Protect 17 VMware before build 41186...

CVE-2026-28713

Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent VMware before build 36943, Acronis Cyber Protect 17 VMware before build 41186...

PT-2026-23587

Name of the Vulnerable Software and Affected Versions Acronis Cyber Protect Cloud Agent VMware versions prior to build 36943 Acronis Cyber Protect 17 VMware versions prior to build 41186 Description The Virtual Appliance is configured with default credentials for a local privileged user. This...

Vulnerabilities fixed in VMware Aria Operations

Broadcom has fixed vulnerabilities in VMware Aria Operations. The vulnerabilities include privilege escalation, stored cross-site scripting XSS and command injection. The privilege escalation vulnerability could allow an attacker to gain elevated privileges, which could affect system integrity an...

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities KEV catalog, citing active exploitation in the wild. The high-severity vulnerability, CVE-2026-22719...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-21385link is external Qualcomm Multiple Chipsets Memory Corruption Vulnerability CVE-2026-22719link is external Broadcom VMware Aria Operations Command...

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate...

CVE-2026-22717

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed...

EUVD-2026-9050

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed...

EUVD-2026-9043

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed...

CVE-2026-22717

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed...

CVE-2026-22715

VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715 plea...

CVE-2026-22716

Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes...

CVE-2026-22717

CVE-2026-22717 is an out-of-bounds read vulnerability in VMware Workstation. The VMware advisory (VMSA-2026-0002) assigns it a Low severity (CVSSv3 up to 2.7) for VMware Workstation, with attack potential requiring non-administrative privileges on a guest VM and could lead to limited information ...

CVE-2026-22717

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed...

CVE-2026-22717 VMware Workstation out-of-bound read vulnerability

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed...

CVE-2026-22717 VMware Workstation out-of-bound read vulnerability

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed...

CVE-2026-22716 VMware Workstation out-of-bounds write vulnerability

Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes...

CVE-2026-22716

Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes...