Vmware cloud foundation
This hub aggregates every CVE we track for Vmware cloud foundation, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.
168
CVEs tracked
25
Critical
81
High
22
In CISA KEV
Severity distribution
HIGH81MEDIUM60CRITICAL25LOW2
Monthly trend
0
0
2
2
0
0
6
1
3
1
8
3
5
0
6
0
0
0
0
3
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Vmware cloud foundation.
- CVE-2026-22721VMware Aria Operations privilege escalation vulnerability6.2
- CVE-2026-22720VMware Aria Operations stored cross-site scripting vulnerability8.0
- CVE-2026-22719VMware Aria Operations command injection vulnerabilityKEV8.1
- CVE-2025-41252Username enumeration vulnerability7.5
- CVE-2025-41251Weak password recovery vulnerability8.1
- CVE-2025-41250Header injection vulnerability8.5
- CVE-2025-41245VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)4.9
- CVE-2025-41244VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)KEV7.8
- CVE-2025-41246Improper authorisation vulnerability7.6
- CVE-2025-41241Denial-of-service vulnerability4.4
- CVE-2025-41239vSockets information-disclosure vulnerability7.1
- CVE-2025-41238PVSCSI heap-overflow vulnerability9.3
- CVE-2025-41237VMCI integer-underflow vulnerability9.3
- CVE-2025-41236VMXNET3 integer-overflow vulnerability9.3
- CVE-2025-22245VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation.5.9
Product normalization is registry-driven with AI assist and human review. How it works