VMWare Aria Operations 8.x < 8.18.6 Multiple Vulnerabilities (VMSA-2026-0001)

According to its self-reported version, the instance of VMWare Aria Operations formerly vRealize Operations running on the remote web server is 8.x 8.18.6. It is, therefore, affected by the following: - VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated...

CVE-2026-22720

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed...

EUVD-2026-8709

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed...