VMware vSphere - Server-Side Request Forgery
VMware vSphere (HTML5) is susceptible to server-side request forgery due to improper validation of URLs in a vCenter Server plugin. An attacker with network access to port 443 can exploit this issue by sending a POST request to the plugin. This affects VMware vCenter Server 7.x before 7.0 U1c, 6.7...
VMware vSphere Client (HTML5) - Remote Code Execution
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: mods, q, tailscale, slsa-verifier, kyverno-notation-aws, local-static-provisioner, cloud-provider-azure, smokescreen, nri-discovery-kubernetes, minio-operator, modelmesh-runtime-adapter, external-dns, rancher-webhook, rancher-loglevel, go-licenses, ip-masq-agent, buf...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: dgraph, x509-certificate-exporter, opentelemetry-operator, cilium, crossplane-provider-azure-authorization, goreleaser, tailscale, cloud-sql-proxy, falcoctl, delve, scorecard, go-discover, slsa-verifier, terraform-provider-sendgrid, nuclei, k8s-device-plugin, tetrago...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: argo-cd, pulumi-language-java, cert-manager-cmctl, gitlab-kas-fips, atlantis-fips, cluster-autoscaler-fips, gitleaks, kube-arangodb-fips, cerbos, nats-server-fips, juicefs, nuclei, sriov-network-device-plugin-fips, vault-csi-provider, keda-fips, filebrowser,...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: argo-cd, pulumi-language-java, cert-manager-cmctl, gitlab-kas-fips, atlantis-fips, cluster-autoscaler-fips, gitleaks, kube-arangodb-fips, cerbos, nats-server-fips, juicefs, nuclei, sriov-network-device-plugin-fips, vault-csi-provider, keda-fips, filebrowser,...
PT-2026-28315
Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 3.16.3; Foreman versions prior to 3.17.2; Foreman versions prior to 3.18.1. Description: A flaw exists in Foreman that allows a remote attacker to exploit a command injection vulnerability within the WebSocket proxy...
CVE-2025-61732 vulnerabilities
Vulnerabilities for packages: argo-cd, terraform-provider-pagerduty, chart-testing-fips, glow, kubernetes-dashboard-web, pulumi-language-java, cert-manager-cmctl, apache-exporter, ferretdb, gitlab-kas-fips, atlantis-fips, dataplaneapi-fips, amass, cluster-autoscaler-fips, chaos-mesh-fips,...
GHSA-8JVR-VH7G-F8GX vulnerabilities
Vulnerabilities for packages: argo-cd, terraform-provider-pagerduty, chart-testing-fips, glow, kubernetes-dashboard-web, pulumi-language-java, cert-manager-cmctl, apache-exporter, ferretdb, gitlab-kas-fips, atlantis-fips, dataplaneapi-fips, amass, cluster-autoscaler-fips, chaos-mesh-fips,...
CVE-2025-68121 vulnerabilities
Vulnerabilities for packages: argo-cd, terraform-provider-pagerduty, chart-testing-fips, glow, kubernetes-dashboard-web, pulumi-language-java, cert-manager-cmctl, apache-exporter, ferretdb, gitlab-kas-fips, atlantis-fips, cluster-autoscaler-fips, amass, dataplaneapi-fips, chaos-mesh-fips,...
CVE-2018-1000153
A cross-site request forgery vulnerability exists in Jenkins vSphere Plugin 2.16 and older in Clone.java, CloudSelectorParameter.java, ConvertToTemplate.java, ConvertToVm.java, Delete.java, DeleteSnapshot.java, Deploy.java, ExposeGuestInfo.java, FolderVSphereCloudProperty.java, PowerOff.java,...
CVE-2021-22049
The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an...
CVE-2021-22018
The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non-critical files...
CVE-2022-23235
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when...
CVE-2022-23239
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack...
CVE-2023-43029
IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment...
CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's Republic of China (PRC) to maintain long-term persistence on compromised systems. "BRICKSTORM is a...
Exploit for CVE-2021-21980
CVE-2021-21980 Vulnerable Test Environment Overview Realis...
Exploit for CVE-2021-21980
Clippy of the Dead - CVE-2021-21980 testing environment and Nucl...
The State of Security Today: Setting the Stage for 2026
As we close out 2025, one thing is clear: the security landscape is evolving faster than most organizations can keep up. From surging ransomware campaigns and AI-enhanced phishing to data extortion, geopolitical fallout, and gaps in cyber readiness, the challenges facing security teams today are ...