Introduction On September 29, 2025, Broadcom, released VMSA-2025-0016 . The advisory discloses multiple vulnerabilities in vCenter and NSX, ranging from SMTP header injection to weak password recovery mechanisms that allow username enumeration. The severity is listed as Important , with CVSS scores ranging from 7.5 to 8.5. This is not a cosmetic issue. For enterprises that depend on vCenter and NSX to anchor their virtualization and network segmentation, these flaws cut dir
