A command injection vulnerability in VMware Aria Operations allows unauthenticated remote code execution while a support-assisted product migration is in progress. It affects critical enterprise infrastructure management platforms that are commonly exposed to the internet.
Data Source: CIRCL
Confidence: HIGH
Exploitation Method: DIRECT_NETWORK
CVE Published: 2026-02-25
Added to CISA KEV: 2026-03-03 (6 days between CVE and KEV)

CVE-2026-22719 presents a challenge to exploit due to its high attack complexity, but the absence of privilege requirements still makes it a viable target for skilled attackers. A thorough security review is advised.

Below is the Impact Analysis for CVE-2026-22719, showing how Confidentiality, Integrity, and Availability might be affected if the vulnerability is exploited. Higher values usually signal greater potential damage.

Source: Information Technology Laboratory, National Vulnerability Database.

A malicious unauthenticated actor may exploit this issue to execute arbitrary commands, which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. To remediate CVE-2026-22719, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' in VMSA-2026-0001: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV ...
The new advisory revealed VMware Aria Operations is at risk from a triple threat of a command injection vulnerability (CVE-2026-22719), a stored cross-site scripting vulnerability (CVE-2026-22720), and a privilege escalation vulnerability (CVE-2026-22721). ... is currently no indication of active exploitation ... Designated as CVE-2024-37079, the exploit enables RCE or privilege escalation via the use of a specially made network packet in VMware's centralized management utility, vCenter Server.
CVE-2026-27119 - svelte performance oriented web framework. From 5.39.3, <=5.51.4, in certain circumstances, the server-side rendering output of…

Above is the CVSS Sub-score Breakdown for CVE-2026-27119, illustrating how Base, Impact, and Exploitability factors combine to form the overall severity rating. A higher sub-score typically indicates a more severe or easier-to-exploit vulnerability.