Vmware Vmware Cloud Foundation
5 CVEs affecting Vmware Vmware Cloud Foundation. Latest disclosed: 2026-02-25. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-22224 | Critical | 9.3 | 2025-03-04 | VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local admi… |
CVE-2025-22249 | High | 8.2 | 2025-05-13 | VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a l… |
CVE-2025-41244 | High | 7.8 | 2025-09-29 | VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having a… |
CVE-2026-22721 | Medium | 6.2 | 2026-02-25 | VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this… |
CVE-2025-41245 | Medium | 4.9 | 2025-09-29 | VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with non-administrative privileges in Aria Operations may exploit th… |