VMware vSphere - Server-Side Request Forgery
VMware vSphere HTML5 is susceptible to server-side request forgery due to improper validation of URLs in a vCenter Server plugin. An attacker with network access to port 443 can exploit this issue by sending a POST request to the plugin. This affects VMware vCenter Server 7.x before 7.0 U1c, 6.7...
VMware vSphere Client (HTML5) - Remote Code Execution
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: dbmate, runc, falco-no-driver, sftpgo-plugin-eventsearch, step-issuer, kwok, tkn, crossplane-provider-azure-sql, harbor, x509-certificate-exporter, cloud-provider-vsphere, envconsul, grafana-pyroscope, terraform-provider-time, xeol, step, karpenter, telegraf,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: sftpgo-plugin-eventsearch, runc, wgcf, q, docker-credential-ecr-login, cloud-provider-vsphere, envconsul, xeol, kubernetes-ingress-defaultbackend, aws-efs-csi-driver, newrelic-k8s-metadata-injection, victoriametrics, amass, influx, mockery, stakater-reloader,...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: trivy, datadog-agent, influxd, caddy, commercial-chainloop-backend, ingress-nginx-controller, elastic-agent, rabbitmq-messaging-topology-operator, kube-state-metrics, rclone-fips, snyk-cli, gatekeeper-fips, ko-fips, gitaly, juicefs, rke2-runtime, sonobuoy, kyverno,...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: trivy, datadog-agent, influxd, caddy, commercial-chainloop-backend, ingress-nginx-controller, elastic-agent, rabbitmq-messaging-topology-operator, kube-state-metrics, rclone-fips, snyk-cli, gatekeeper-fips, ko-fips, gitaly, juicefs, rke2-runtime, sonobuoy, kyverno,...
PT-2026-28315
Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 3.16.3; Foreman versions prior to 3.17.2; Foreman versions prior to 3.18.1. Description: A flaw exists in Foreman that allows a remote attacker to exploit a command injection vulnerability within the WebSocket proxy...
GHSA-8JVR-VH7G-F8GX vulnerabilities
Vulnerabilities for packages: kapp, influxd, restic-fips, caddy, crossplane-provider-azure-managedidentity, fulcio, prometheus-pushgateway-fips, http-echo, gatus-fips, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller, opa, postgres-operator-fips, docker-machine-driver-harvester,...
CVE-2025-68121 vulnerabilities
Vulnerabilities for packages: kapp, influxd, restic-fips, caddy, crossplane-provider-azure-managedidentity, fulcio, prometheus-pushgateway-fips, http-echo, gatus-fips, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller, opa, postgres-operator-fips, docker-machine-driver-harvester,...
CVE-2025-61732 vulnerabilities
Vulnerabilities for packages: kapp, influxd, restic-fips, caddy, crossplane-provider-azure-managedidentity, fulcio, prometheus-pushgateway-fips, http-echo, gatus-fips, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller, opa, postgres-operator-fips, docker-machine-driver-harvester,...
CVE-2018-1000153
A cross-site request forgery vulnerability exists in Jenkins vSphere Plugin 2.16 and older in Clone.java, CloudSelectorParameter.java, ConvertToTemplate.java, ConvertToVm.java, Delete.java, DeleteSnapshot.java, Deploy.java, ExposeGuestInfo.java, FolderVSphereCloudProperty.java, PowerOff.java,...
CVE-2021-22049
The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an...
CVE-2021-22018
The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non-critical files...
CVE-2022-23235
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when...
CVE-2022-23239
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack...
CVE-2023-43029
IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment...
CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's Republic of China (PRC) to maintain long-term persistence on compromised systems. "BRICKSTORM is a...
Exploit for CVE-2021-21980
CVE-2021-21980 Vulnerable Test Environment Overview Realis...
Exploit for CVE-2021-21980
Clippy of the Dead - CVE-2021-21980 testing environment and Nucl...
The State of Security Today: Setting the Stage for 2026
As we close out 2025, one thing is clear: the security landscape is evolving faster than most organizations can keep up. From surging ransomware campaigns and AI-enhanced phishing to data extortion, geopolitical fallout, and gaps in cyber readiness, the challenges facing security teams today are ...