THREATOPS
THREAT OPSCVEs › CVE-2026-22719

CVE-2026-22719 — Broadcom VMware Aria Operations Command Injection Vulnerability

CISA KEVExploited: confirmedBroadcom

Broadcom VMware Aria Operations formerly known as vRealize Operations (vROps) contains a command injection vulnerability that allows an unauthenticated attacker to execute arbitrary commands, potentially leading to remote code execution during support‑assisted product migration.

Vulnerability details

Related reporting