CVE-2026-22715

CWE-9234 documents4 sources

Severity

5.9MEDIUM

EPSS

0.0%

top 86.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Fusion Vmware Workstation

Timeline

PublishedFeb 26

Description

VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715 please upgrade to VMware Workstation or Fusion Version 25H2U1

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:LExploitability: 1.6 | Impact: 4.2

Affected Packages2 packages

▶CVEListV5vmware/fusion13.0 — 25H2U1

▶CVEListV5vmware/workstation17.0 — 25H2U1

🔴Vulnerability Details

CVEList

VMware Workstation/Fusion NAT vulnerability↗2026-02-26

▶

GHSA

GHSA-r6f6-7cf6-c3cg: VMWare Workstation and Fusion contain a logic flaw in the management of network packets↗2026-02-26

▶