CVE-2026-22722

CWE-476NULL Pointer Dereference3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.0%
top 99.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Vmware Workstation
Timeline
PublishedFeb 26

Description

A malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error. To Remediate CVE-2026-22722, apply the patches listed in the "Fixed version" column of the 'Response Matrix'

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:HExploitability: 1.8 | Impact: 4.2

Affected Packages1 packages

CVEListV5vmware/workstation17.025H2u1

🔴Vulnerability Details

2
CVEList
VMware Workstation for Windows null pointer dereference may allow an authenticated user to trigger a crash2026-02-26
GHSA
GHSA-wgqq-4524-pjw8: A malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error2026-02-26
CVE-2026-22722 (MEDIUM CVSS 6.1) | A malicious actor with authenticate | cvebase.io