Lucene search
K
VmwareCloud Foundation9.0

5 matches found

CVE
CVE
added 2026/06/08 7:5 a.m.440 views

CVE-2026-41722

CVE-2026-41722 is a stored cross-site scripting vulnerability affecting VMware Cloud Foundation Operations and related products. The NVD/Broadcom advisory describes that a malicious actor with privileges to create policies, views, or text-widgets can inject scripts to perform administrative actio...

8CVSS5.2AI score0.00399EPSS
CVE
CVE
added 2026/02/25 7:18 p.m.101 views

CVE-2026-22719

CVE-2026-22719 describes a command injection vulnerability in VMware Aria Operations that could allow an unauthenticated attacker to execute arbitrary commands and potentially achieve remote code execution during support‑assisted product migration. Affected product is VMware Aria Operations (8.x ...

8.1CVSS6.7AI score0.17424EPSS
In wild
CVE
CVE
added 2026/06/08 7:6 a.m.76 views

CVE-2026-41723

VMware Cloud Foundation Operations is affected by CVE-2026-41723 (and related CVEs) with multiple stored cross-site scripting vulnerabilities. The NVD/NVD-derived details indicate an issue in VMware Cloud Foundation Operations where a malicious actor with privileges to create policies, views, or ...

8CVSS5.2AI score0.00399EPSS
CVE
CVE
added 2026/02/25 8:0 p.m.52 views

CVE-2026-22721

CVE-2026-22721 affects VMware Aria Operations (8.x) prior to 8.18.6. A privileged actor in vCenter who can access Aria Operations can escalate to administrative rights. Remediation is via patches listed in the Fixed Version column of the VMSA-2026-0001 response matrix (Broadcom VMware security ad...

7.2CVSS5.3AI score0.00686EPSS
CVE
CVE
added 2026/02/25 7:33 p.m.25 views

CVE-2026-22720

CVE-2026-22720 affects VMware Aria Operations 8.x prior to 8.18.6, with a stored XSS in custom benchmarks. Remediation is to apply the fixes listed in VMSA-2026-0001 (Aria Operations 8.18.6). Connected sources also note CVE-2026-22719 (command injection) and CVE-2026-22721 (privilege escalation) ...

9CVSS4.9AI score0.00411EPSS