CVE-2026-22721
πΆ mediumSummary
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found inΒ VMSA-2026-0001 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 .
CVSS Score
6.2
Medium
EPSS Score
0.1
Exploit Probability
Published Date
2026-02-25
First Seen: 2026-02-26
π Relative Risk Intelligence
This CVE is Lower Risk - more severe than 39.2% of all 318,332 vulnerabilities in our database.
#193,634
Below average severity
Severity Percentile
π― CISA SSVC Assessment Updated: Feb 24, 2026
π Exploitation Status
None
No known exploits
βοΈ Automatable
NO
Requires human interaction
π₯ Technical Impact
Total
Complete system compromise possible
SSVC data provided by
CISA
Last Modified
2026-03-04
Source
NVD π
CVSS Vector 3.1
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L
CWE IDs (Weakness Types)