Known Vulnerabilities for products from Vmware
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Vmware".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-47838 json | SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to re... | Not Provided | 2026-06-10 | 2026-06-17 |
| CVE-2026-47835 json | In Spring AI Vector Stores, special characters could be used to force the execution of arbitrary queries in Elasticsearch, Op... | Not Provided | 2026-06-15 | 2026-06-17 |
| CVE-2026-41863 json | Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files... | Not Provided | 2026-05-25 | 2026-06-01 |
| CVE-2026-41856 json | The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on meth... | Not Provided | 2026-06-11 | 2026-06-12 |
| CVE-2026-41854 json | Due to incorrect host parsing, applications that rely on UriComponentsBuilder to parse and validate an externally provided UR... | Not Provided | 2026-06-09 | 2026-06-15 |
| CVE-2026-41853 json | Spring MVC and WebFlux applications are vulnerable to Multipart request smuggling attacks. Affected versions: Spring Framewo... | Not Provided | 2026-06-09 | 2026-06-15 |
| CVE-2026-41852 json | A vulnerability in Spring Expression Language (SpEL) evaluation logic allows for arbitrary zero-argument method invocation, e... | Not Provided | 2026-06-09 | 2026-06-11 |
| CVE-2026-41851 json | Applications which accept user-supplied Spring Expression Language (SpEL) expressions may be vulnerable to a Denial of Servic... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2026-41850 json | Applications that evaluate user-supplied Spring Expression Language (SpEL) expressions are vulnerable to an Algorithmic Denia... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2026-41849 json | An integer overflow vulnerability exists in the evaluation logic of the Spring Expression Language (SpEL). An attacker can ex... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2026-41848 json | Applications may be vulnerable to a Regular Expression Denial of Service (ReDoS) attack if an attacker is able to provide a p... | Not Provided | 2026-06-09 | 2026-06-11 |
| CVE-2026-41847 json | Spring WebFlux applications may be vulnerable to a security bypass when using the Kotlin Router DSL. Affected versions: Spri... | Not Provided | 2026-06-09 | 2026-06-11 |
| CVE-2026-41846 json | Spring MVC applications which accept user-supplied values in the cssClass, cssErrorClass, or cssStyle attributes of JSP form ... | Not Provided | 2026-06-09 | 2026-06-11 |
| CVE-2026-41845 json | Due to incorrect escaping, the use of JavaScriptUtils.javaScriptEscape() may lead to JavaScript code injection in the browser... | Not Provided | 2026-06-09 | 2026-06-11 |
| CVE-2026-41844 json | A Spring MVC or Spring WebFlux application which configures a mapping for "/**" where the view name is not explicitly specifi... | Not Provided | 2026-06-09 | 2026-06-11 |
| CVE-2026-41843 json | Spring MVC and WebFlux applications are vulnerable to Path Traversal attacks when resolving static resources. Affected versi... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2026-41842 json | Spring MVC and WebFlux applications are vulnerable to Denial of Service (DoS) attacks when resolving static resources. Affec... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2026-41841 json | Spring MVC and WebFlux applications are vulnerable to Information Disclosure attacks when resolving static resources. Affect... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2026-41840 json | Spring WebFlux applications are vulnerable to Denial of Service (DoS) attacks when processing multipart requests. Affected v... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2026-41838 json | IDs for WebSocket sessions in the spring-websocket module are not cryptographically unpredictable, which may be possible to e... | Not Provided | 2026-06-09 | 2026-06-11 |
Known software with vulnerabilities from Vmware
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Vmware | Ace | - |
| Application | Vmware | Ace 2 | - |
| Application | Vmware | Airwatch | 7.3.0.0 |
| Application | Vmware | Airwatch Console | 9.1.0.0 |
| Application | Vmware | Airwatch Launcher | 3.2.2 |
| Application | Vmware | App Volumes | 2.10 |
| Application | Vmware | Capacityiq | 1.0.0 |
| Application | Vmware | Capacity Planner | 2.6.2.22938 |
| Application | Vmware | Cloud Foundation | - |
| Application | Vmware | Consolidated Backup Framework | 1.5.0.2192 |
| Application | Vmware | Converter | 1.0.0 |
| Application | Vmware | Converter Enterprise Client | 4.0.3.62417 |
| Application | Vmware | Data Recovery | 1.2.0 |
| Operating System | Vmware | Esx | - |
| Operating System | Vmware | Esxi | 3.5 |
| Application | Vmware | Esx Server | - |
| Application | Vmware | Fusion | - |
| Application | Vmware | Fusion Pro | 8.0.0 |
| Application | Vmware | Gemfire | 9.7.0 |
| Application | Vmware | Gsx Server | - |