Insights from the Field

Introduction VMSA-2026-0001 addresses three vulnerabilities identified as CVE-2026-22719, CVE-2026-22720, and CVE-2026-22721. The advisory applies to VMware Aria Operations, a platform commonly integrated directly into vCenter environments for monitoring, analytics, and operational visibility. Aria Operations maintains authenticated connections to vCenter, collects configuration and performance data from ESXi hosts, and often integrates with Active Directory or other external

What Is It? On June 4, 2025, Broadcom issued Security Advisory VMSA-2025-0012 disclosing three stored cross-site scripting (XSS) vulnerabilities affecting VMware NSX. These flaws exist within the NSX Manager user interface, Gateway Firewall, and Router Port components. They are tracked as CVE-2025-22243, CVE-2025-22244, and CVE-2025-22245. These vulnerabilities impact multiple NSX versions including 4.1.x, 4.2.1.x, and 4.2.x, and extend to affected deployments of VMware Cloud