CVE-2026-22717 | THREATINT

Description

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed.

PUBLISHED Reserved 2026-01-09 | Published 2026-02-27 | Updated 2026-02-27 | Assigner vmware

LOW: 2.7CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

Problem types

CWE-125 Out-of-bounds Read

Product status

Default status

unaffected

25H2 (custom) before 25H1U1

affected

References

support.broadcom.com/...l/content/SecurityAdvisories/0/36986

cve.org (CVE-2026-22717)

nvd.nist.gov (CVE-2026-22717)

Download JSON