High Threat Security Alert (A26-02-31): Multiple Vulnerabilities in VMware Products

Description:

VMware has published a security advisory to address multiple vulnerabilities in VMware Products. The details of patches can be found at:
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947

Reports indicated that the remote code execution vulnerability (CVE-2026-22719) in VMware Products is being exploited in the wild. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

Affected Systems:

• VMware Aria Operations
• VMware Cloud Foundation
• VMware Telco Cloud Infrastructure
• VMware Telco Cloud Platform
• VMware vSphere Foundation

For detailed information of the affected systems, please refer to the corresponding security advisory at vendor's website.

Impact:

Depending on the vulnerabilities being exploited, a successful exploitation could lead to remote code execution or elevation of privilege on an affected system.

Recommendation:

Patches for affected systems are available. System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

More Information:

• https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947
• https://www.hkcert.org/security-bulletin/vmware-products-multiple-vulnerabilities_20260225
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22719 (to CVE-2026-22721)