VMware Cloud Foundation vulnerabilities

137 known vulnerabilities affecting vmware/cloud_foundation.

Total CVEs: 137
CISA KEV: 16 (actively exploited)
Public exploits: 13
Exploited in wild: 16
Severity breakdown: CRITICAL 20, HIGH 65, MEDIUM 49, LOW 3

Vulnerabilities

Page 1 of 7
CVE-2026-22720 | CRITICAL | CVSS 9.0 | ≥ 4.0, < 5.2.3; ≥ 9.0, < 9.0.2.0 | 2026-02-25
CVE-2026-22720 [HIGH] CWE-79: VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' of VMSA-2026-000
nvd
CVE-2026-22721 | HIGH | CVSS 7.2 | ≥ 4.0, < 5.2.3; ≥ 9.0, < 9.0.2.0 | 2026-02-25
CVE-2026-22721 [MEDIUM] CWE-269: VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found in V
nvd
CVE-2026-22719 | HIGH | CVSS 8.1 | KEV | ≥ 4.0, < 5.2.3; ≥ 9.0, < 9.0.2.0 | 2026-02-25
CVE-2026-22719 [HIGH] CWE-77: VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. To remediate CVE-2026-22719, apply the patches listed in the 'Fixed Version'
nvd
CVE-2025-41250 | HIGH | CVSS 8.5 | ≥ 9.x.x.x, < 9.0.1.0; ≥ 5.x, < 5.2.2; +1 more | 2025-09-29
CVE-2025-41250 [HIGH] CWE-77: VMware vCenter contains an SMTP header injection vulnerability. A malicious actor with non-administrative privileges on vCenter who has permission to create scheduled tasks may be able to manipulate the notification emails sent for scheduled tasks.
cvelistv5, nvd
CVE-2025-41244 | HIGH | CVSS 7.8 | KEV | ≥ 4.0, ≤ 5.2.2 | 2025-09-29
CVE-2025-41244 [HIGH] CWE-267: VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
nvd
CVE-2025-41241 | MEDIUM | CVSS 4.4 | v5.x, 4.5.x | 2025-07-29
CVE-2025-41241 [MEDIUM] CWE-754: VMware vCenter contains a denial-of-service vulnerability. A malicious actor who is authenticated through vCenter and has permission to perform API calls for guest OS customisation may trigger this vulnerability to create a denial-of-service condition.
cvelistv5, nvd
CVE-2025-41236 | CRITICAL | CVSS 9.3 | v5.x, 4.5.x | 2025-07-15
CVE-2025-41236 [CRITICAL] CWE-787: VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue.
cvelistv5, nvd
CVE-2025-41238 | CRITICAL | CVSS 9.3 | v5.x, 4.5.x | 2025-07-15
CVE-2025-41238 [CRITICAL] CWE-787: VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the ex
cvelistv5, nvd
CVE-2025-41237 | CRITICAL | CVSS 9.3 | v9.0.0.0, 5.x, 4.5.x | 2025-07-15
CVE-2025-41237 [CRITICAL] CWE-787: VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitat
cvelistv5, nvd
CVE-2025-41239 | HIGH | CVSS 7.1 | v5.x, 4.5.x | 2025-07-15
CVE-2025-41239 [HIGH] CWE-908: VMware ESXi, Workstation, Fusion, and VMware Tools contain an information disclosure vulnerability due to the use of uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.
cvelistv5, nvd
CVE-2025-22243 | HIGH | CVSS 7.5 | ≥ 4.5, ≤ 5.2.1.2 | 2025-06-04
CVE-2025-22243 [HIGH] CWE-79: VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation.
nvd
CVE-2025-22244 | MEDIUM | CVSS 6.9 | ≥ 4.5, ≤ 5.2.1.2 | 2025-06-04
CVE-2025-22244 [MEDIUM] CWE-79: VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation.
nvd
CVE-2025-22245 | MEDIUM | CVSS 5.9 | ≥ 4.5, ≤ 5.2.1.2 | 2025-06-04
CVE-2025-22245 [MEDIUM] CWE-79: VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation.
nvd
CVE-2025-41230 | HIGH | CVSS 7.5 | ≥ 5.x, < 5.2.1.2; v4.5.x | 2025-05-20
CVE-2025-41230 [HIGH] CWE-200: VMware Cloud Foundation contains an information disclosure vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to gain access to sensitive information.
cvelistv5, nvd
CVE-2025-41225 | HIGH | CVSS 8.8 | v5.x, 4.5.x | 2025-05-20
CVE-2025-41225 [HIGH] CWE-78: The vCenter Server contains an authenticated command-execution vulnerability. A malicious actor with privileges to create or modify alarms and run script action may exploit this issue to run arbitrary commands on the vCenter Server.
cvelistv5, nvd
CVE-2025-41231 | HIGH | CVSS 7.3 | ≥ 4.5, < 4.5.2; ≥ 5.0, < 5.2.1.2 | 2025-05-20
CVE-2025-41231 [HIGH] CWE-862: VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information.
nvd
CVE-2025-41229 | HIGH | CVSS 8.2 | ≥ 5.x, < 5.2.1.2; v4.5.x | 2025-05-20
CVE-2025-41229 [HIGH] CWE-22: VMware Cloud Foundation contains a directory traversal vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain internal services.
cvelistv5, nvd
CVE-2025-41228 | MEDIUM | CVSS 4.3 | PoC | v5.x, 4.5.x | 2025-05-20
CVE-2025-41228 [MEDIUM] CWE-79: VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.
cvelistv5, nvd
CVE-2025-41226 | MEDIUM | CVSS 6.8 | v5.x, 4.5.x | 2025-05-20
CVE-2025-41226 [MEDIUM] CWE-400: VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled
cvelistv5, nvd
CVE-2025-41227 | MEDIUM | CVSS 5.5 | v5.x, 4.5.x | 2025-05-20
CVE-2025-41227 [MEDIUM] CWE-400: VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.
cvelistv5, nvd