CVE-2025-22249 — CVSS 8.2 (high): VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the…
CVE-2026-41724 — CVSS 8.0 (high): VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to…
CVE-2026-22720 — CVSS 8.0 (high): VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks…
CVE-2026-41722 — CVSS 8.0 (high): VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to…
CVE-2026-41723 — CVSS 8.0 (high): VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to…
CVE-2025-22244 — CVSS 6.9 (medium): VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation.
CVE-2026-22721 — CVSS 6.2 (medium): VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria…
CVE-2025-22245 — CVSS 5.9 (medium): VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation.