VMware Aria Operations Vulnerability Exploited in the Wild
The recently patched CVE-2026-22719 can be exploited by an unauthenticated attacker for remote code execution. The post VMware Aria Operations Vulnerability Exploited in the Wild appeared first on SecurityWeek.
A recently patched vulnerability in VMware Aria Operations (formerly vRealize Operations) has been exploited in the wild, the cybersecurity agency CISA warned on Tuesday.
The vulnerability, tracked as CVE-2026-22719, is a high-severity command injection issue that can be exploited without authentication.
“A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress,” Broadcom explained in a February 24 advisory announcing patches for the flaw.
Source: https://www.securityweek.com/vmware-aria-operations-vulnerability-exploited-in-the-wild/
Related breach coverage
- CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability2026-03-19
The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek.
- VMware Aria Operations Vulnerability Could Allow Remote Code Execution2026-02-24
Broadcom has patched several vulnerabilities in VMware Aria Operations, including high-severity flaws. The post VMware Aria Operations Vulnerability Could Allow Remote Code Execution appeared first on SecurityWeek.
- Recent Apache ActiveMQ Vulnerability Exploited in the Wild2026-04-17
The remote code execution vulnerability tracked as CVE-2026-34197 came to light in early April. The post Recent Apache ActiveMQ Vulnerability Exploited in the Wild appeared first on SecurityWeek.
- Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability2026-03-23
CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild. The post Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability appeared first on SecurityWeek.