CVE-2026-22719

HIGH KEV

VMware Aria Operations - Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2026-22719 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 3, 2026.

Description

VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress.  To remediate CVE-2026-22719, apply the patches listed in the 'Fixed Version' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001  Workarounds for CVE-2026-22719 are documented in the 'Workarounds' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001

References (4)

Core 4

Scores

CVSS v3 8.1
EPSS 0.0190
EPSS Percentile 83.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation active
Automatable no
Technical Impact total

Details

CISA KEV 2026-03-03
VulnCheck KEV 2026-03-03
ENISA EUVD EUVD-2026-8708
CWE
CWE-77
Status published
Products (13)
vmware/aria_operations 8.0 - 8.18.6
vmware/cloud_foundation 4.0 - 5.2.3
VMware/Telco Cloud Infrastructure 2.0 - 5.2.3
VMware/Telco Cloud Infrastructure 5.2.3
VMware/Telco Cloud Platform 2.0 - 5.2.3
VMware/Telco Cloud Platform 5.2.3
vmware/telco_cloud_infrastructure 2.2 - 3.0
vmware/telco_cloud_platform 4.0 - 5.1
VMware/VMware Aria Operations 8.18.x - 8.18.6
VMware/VMware Cloud Foundation Operations 4.0 - 5.2.3
... and 3 more
Published Feb 25, 2026
KEV Added Mar 03, 2026
Tracked Since Feb 26, 2026