VMware vSphere Client (HTML5) - Remote Code Execution
The vSphere Client HTML5 contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with...
VMware vSphere - Server-Side Request Forgery
VMware vSphere HTML5 is susceptible to server-side request forgery due to improper validation of URLs in a vCenter Server plugin. An attacker with network access to port 443 can exploit this issue by sending a POST request to the plugin. This affects VMware vCenter Server 7.x before 7.0 U1c, 6.7...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, memcached-exporter, terraform-provider-aws, gitaly, jitsucom-bulker, kserve-rest-proxy, kubernetes, swagger, docker-cli, polaris, flux, terraform-provider-pagerduty, vault-benchmark, vault-secrets-webhook, grafana-mimir, verticadb-operator,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: gke-gcloud-auth-plugin, memcached-exporter, kubernetes, terraform-provider-time, crossplane-provider-gcp, vendir, wal-g, amazon-k8s-cni, esbuild, haproxy-ingress, helm, datadog-agent, argo-events, gostatsd, influx, kube-logging-operator-custom-runner,...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: flux-source-watcher-fips, kube-arangodb-fips, crane-fips, kaf, wal-g, kubescape-server-fips, rke2-runtime-fips, fscrypt, buildkite-agent-fips, kubescape-server, docker-cli-buildx-fips, flux-fips, ko, kubernetes-csi-driver-nfs-fips, osv-scanner, localstack,...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: flux-source-watcher-fips, kube-arangodb-fips, crane-fips, kaf, wal-g, kubescape-server-fips, rke2-runtime-fips, fscrypt, buildkite-agent-fips, kubescape-server, docker-cli-buildx-fips, flux-fips, ko, kubernetes-csi-driver-nfs-fips, osv-scanner, localstack,...
PT-2026-28315
Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 3.16.3; Foreman versions prior to 3.17.2; Foreman versions prior to 3.18.1. Description: A flaw exists in Foreman that allows a remote attacker to exploit a command injection vulnerability within the WebSocket proxy...
GHSA-8JVR-VH7G-F8GX vulnerabilities
Vulnerabilities for packages: flux-source-watcher-fips, kubecolor, kube-arangodb-fips, supercronic, crossplane-provider-sql, thanos-receive-controller-fips, crane-fips, kaf, wal-g, prometheus-alertmanager, gendesk, kubernetes-csi-external-attacher-fips, rke2-cloud-provider-fips,...
CVE-2025-68121 vulnerabilities
Vulnerabilities for packages: flux-source-watcher-fips, kube-arangodb-fips, supercronic, crossplane-provider-sql, thanos-receive-controller-fips, crane-fips, kaf, wal-g, prometheus-alertmanager, gendesk, kubernetes-csi-external-attacher-fips, rke2-cloud-provider-fips,...
CVE-2025-61732 vulnerabilities
Vulnerabilities for packages: flux-source-watcher-fips, kubecolor, kube-arangodb-fips, supercronic, crossplane-provider-sql, thanos-receive-controller-fips, crane-fips, kaf, wal-g, prometheus-alertmanager, gendesk, kubernetes-csi-external-attacher-fips, rke2-cloud-provider-fips,...
CVE-2018-1000153
A cross-site request forgery vulnerability exists in Jenkins vSphere Plugin 2.16 and older in Clone.java, CloudSelectorParameter.java, ConvertToTemplate.java, ConvertToVm.java, Delete.java, DeleteSnapshot.java, Deploy.java, ExposeGuestInfo.java, FolderVSphereCloudProperty.java, PowerOff.java,...
CVE-2021-22049
The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an...
CVE-2021-22018
The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non critical files...
CVE-2022-23235
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when...
CVE-2022-23239
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack...
CVE-2023-43029
IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment...
CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's Republic of China (PRC) to maintain long-term persistence on compromised systems. "BRICKSTORM is a...
Exploit for CVE-2021-21980
CVE-2021-21980 Vulnerable Test Environment Overview Realis...
Exploit for CVE-2021-21980
Clippy of the Dead - CVE-2021-21980 testing environment and Nucl...
The State of Security Today: Setting the Stage for 2026
As we close out 2025, one thing is clear: the security landscape is evolving faster than most organizations can keep up. From surging ransomware campaigns and AI-enhanced phishing to data extortion, geopolitical fallout, and gaps in cyber readiness, the challenges facing security teams today are ...