CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vmware: >> Fusion >> 13.6 Security Vulnerabilities

CVE-2026-41702

VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed.

CVSS Score

7.8

EPSS Score

0.001

Published

2026-05-15

CVE-2025-22226

Known exploited

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.

CVSS Score

7.1

EPSS Score

0.017

Published

2025-03-04

Page 1

Vulnerabilities

Vulnerable Software

Vmware: >> Fusion >> 13.6 Security Vulnerabilities

Products

Pricing

Contact Us