Skip to main content

VMware CVE-2026-22716

MEDIUM
Out-of-bounds Write (CWE-787)
2026-02-27 security@vmware.com
5.0
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.0 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
None
Integrity
Low
Availability
Low

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Feb 27, 2026 - 19:16 nvd
MEDIUM 5.0

DescriptionCVE.org

Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes.

AnalysisAI

VMware Workstation 25H1 and earlier contains an out-of-bounds write vulnerability that allows unprivileged guest VM users to crash specific Workstation processes. The vulnerability requires user interaction and does not enable privilege escalation or data theft, making it suitable for denial-of-service attacks against the host virtualization platform. No patch is currently available for this medium-severity flaw.

Technical ContextAI

Classified as CWE-787 (Out-of-bounds Write). Affects VMware Workstation 25H1 and below on any platform. Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes.

Affected ProductsAI

Product: VMware Workstation 25H1 and below on any platform.

RemediationAI

Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible.

Share

CVE-2026-22716 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy