CVE-2026-22720

moderate-risk

Published 2026-02-25

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' of VMSA-2026-0001 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947https:// .

Do I need to act?

0.11% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.0/10 High

NETWORK / LOW complexity

Affected Products (4)

Aria Operations

Cloud Foundation

Telco Cloud Infrastructure

Telco Cloud Platform

Affected Vendors

Vmware

References (2)

Patch https://support.broadcom.com/web/ecx/support-content-notification/-/external/con...

Release Notes https://techdocs.broadcom.com/us/en/vmware-cis/aria/aria-operations/8-18/vmware-...

/ 100

moderate-risk

Severity 28/34 · Critical

Exploitability 0/34 · Minimal

Exposure 10/34 · Low