VMVirtualMachine.com

CVE-2026-22719: VMware Aria Operations Command Injection Added to CISA KEV

Broadcom previously disclosed and patched CVE-2026-22719, a command injection issue in VMware Aria Operations (formerly vRealize Operations) that can enable unauthenticated Remote Code Execution (RCE) under a specific operational condition. This matters now because CISA added the CVE to its Known Exploited Vulnerabilities (KEV) catalog, which signals confirmed exploitation activity in real-world environments.

What Is CVE-2026-22719?

CVE-2026-22719 is a command injection vulnerability in VMware Aria Operations that can lead to unauthenticated RCE. VMware’s CVSS rating is 8.1 (High) with the vector AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H, reflecting that it is reachable over the network and requires no credentials, but also that exploitation is not “always-on.”

Details of CVE-2026-22719 (SOCRadar’s Vulnerability Intelligence)

The practical limiter is important. Broadcom states the vulnerable behavior is reachable only while a…
