CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vmware: >> Fusion >> 11.5.7 Security Vulnerabilities

CVE-2026-41702

VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed.

CVSS Score

7.8

EPSS Score

0.001

Published

2026-05-15

CVE-2020-3980

VMware Fusion (11.x) contains a privilege escalation vulnerability due to the way it allows configuring the system wide path. An attacker with normal user privileges may exploit this issue to trick an admin user into executing malicious code on the system where Fusion is installed.

CVSS Score

6.7

EPSS Score

0.003

Published

2020-09-16

Page 1

Vulnerabilities

Vulnerable Software

Vmware: >> Fusion >> 11.5.7 Security Vulnerabilities

Products

Pricing

Contact Us