Command injection vulnerability in VMware Aria Operations allows unauthenticated remote code execution during support-assisted product migration. Affects critical enterprise infrastructure management platforms commonly exposed to the internet.
Data Source: CIRCL
Confidence: HIGH
Exploitation Method: DIRECT_NETWORK
CVE Published: 2026-02-25
Added to CISA KEV: 2026-03-03 (6 days between CVE and KEV)
Here's a breakdown of what is known about its exploitation:
CVE-2026-22719 presents a challenge to exploit due to its high attack complexity, but the absence of privilege requirements still makes it a viable target for skilled attackers. A thorough security review is advised. Below is the Impact Analysis for CVE-2026-22719, showing how Confidentiality, Integr…
Information Technology Laboratory. National Vulnerability Database. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. To remediate CVE-2026-2…
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catal…
The new advisory revealed VMware Aria Operations is at risk from a triple threat of a command injection vulnerability (CVE-2026-22719), a stored cross-site scripting vulnerability (CVE-2026-22720), and a privilege escalation vulnerability (CVE-2026-22721). ... is currently no indication of active ex…
CVE-2026-27119 - svelte performance oriented web framework. From 5.39.3, <=5.51.4, in certain circumstances, the server-side rendering output of… Above is the CVSS Sub-score Breakdown for CVE-2026-27119, illustrating how Base, Impact, and Exploitability factors combine to form the overall severity ra…