VMSA-2026-0004: VMware Cloud Foundation Operations updates address multiple vulnerabilities (CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724)
| Advisory ID: | VMSA-2026-0004 |
| Advisory Severity: | Important |
| CVSSv3 Range: | 8.0 |
| Synopsis: | VMware Cloud Foundation Operations updates address multiple vulnerabilities (CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724) |
| Issue date: | 2026-06-08 |
| Updated on: | 2026-06-08 (Initial advisory) |
| CVE(s) | CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724 |
1. Impacted Products
- VMware Aria Operations
- VMware Cloud Foundation Operations
- VMware Cloud Foundation
- VMware vSphere Foundation
- VMware Telco Cloud Platform
2. Introduction
Multiple vulnerabilities in VMware Cloud Foundation Operations were privately reported to Broadcom. Patches and updates are available to remediate these vulnerabilities in affected Broadcom products.
3a. VMware Cloud Foundation Operations multiple stored cross site scripting vulnerabilities (CVE-2026-41722, CVE-2026-41723, CVE-2026-41724)
Description:
VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities. Broadcom has evaluated the severity of these issues to be in the Important severity range with a maximum CVSSv3 base score of 8.0.
Known Attack Vectors:
A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations.
Resolution:
To remediate CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds:
None.
Additional Documentation:
None.
Acknowledgements:
Broadcom would like to thank Alexis Bernazzani (Visa Inc.) for reporting these issues to us.
Notes:
None.
Response Matrix 3(a):
| Product | Component | Version | Running On | CVE | CVSSv3 | Severity | Fixed Version | Workaround | Additional Documents |
|---|---|---|---|---|---|---|---|---|---|
| VMware Cloud Foundation, VMware vSphere Foundation | VMware Cloud Foundation Operations | 9.1.x.x | Any | CVE-2026-41722, CVE-2026-41723 | 8.0, 8.0 | Important | None | None | |
| VMware Cloud Foundation, VMware vSphere Foundation | VMware Cloud Foundation Operations | 9.0.x.x | Any | CVE-2026-41722, CVE-2026-41723 | 8.0, 8.0 | Important | None | None | |
| VMware Aria Operations | N/A | 8.x | Any | CVE-2026-41722, CVE-2026-41723 | 8.0, 8.0 | Important | 8.18.6 | None | None |
| VMware Aria Operations | N/A | 8.x | Any | CVE-2026-41722, CVE-2026-41723, CVE-2026-41724 | 8.0, 8.0, 8.0 | Important | None | None | |
| VMware Cloud Foundation | VMware Aria Operations | 5.x | Any | CVE-2026-41722, CVE-2026-41723, CVE-2026-41724 | 8.0, 8.0, 8.0 | Important | 8.18.7 | None | None |
| VMware Telco Cloud Platform | VMware Aria Operations | 5.x | Any | CVE-2026-41722, CVE-2026-41723, CVE-2026-41724 | 8.0, 8.0, 8.0 | Important | KB443138 | None | None |
4. References:
Fixed Version(s) and Release Notes:
VMware Cloud Foundation 9.1.0.0
Downloads and Documentation:
https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-9-0-and-later/9-1/release-notes/vmware-cloud-foundation-9-1-0-0-release-notes.html
https://support.broadcom.com/group/ecx/productfiles?subFamily=VMware%20Cloud%20Foundation&displayGroup=VMware%20Cloud%20Foundation%209&release=9.1.0.0&os=&servicePk=540528&language=EN
VMware vSphere Foundation 9.1.0.0
Downloads and Documentation:
https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-9-0-and-later/9-1/release-notes/vmware-cloud-foundation-9-1-0-0-release-notes.html
VMware Cloud Foundation 9.0.2.0 EP2
Downloads and Documentation:
https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-9-0-and-later/9-0/release-notes/patch-releases-9-0-0-x.html
VMware vSphere Foundation 9.0.2.0 EP2
Downloads and Documentation:
https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-9-0-and-later/9-0/release-notes/patch-releases-9-0-0-x.html
VMware Aria Operations 8.18.7
Downloads and Documentation:
https://techdocs.broadcom.com/us/en/vmware-cis/aria/aria-operations/8-18/vmware-aria-operations-8187-release-notes.html
https://support.broadcom.com/group/ecx/productfiles?subFamily=VMware%20Aria%20Operations&displayGroup=VMware%20Aria%20Operations&release=8.18.7&os=&servicePk=543353&language=EN
VMware Aria Operations 8.18.6
Downloads and Documentation:
https://techdocs.broadcom.com/us/en/vmware-cis/aria/aria-operations/8-18/vmware-aria-operations-8186-release-notes.html
VMware Cloud Foundation 5.x
Downloads and Documentation:
https://knowledge.broadcom.com/external/article?legacyId=88287
VMware Telco Cloud Platform 5.x
Downloads and Documentation:
https://knowledge.broadcom.com/external/article/443138
Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41722
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41723
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41724
FIRST CVSSv3 Calculator:
CVE-2026-41722: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVE-2026-41723: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVE-2026-41724: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
5. Change Log:
2026-06-08: VMSA-2026-0004
Initial security advisory.
6. Contact:
E-mail: [email protected]
PGP key
https://knowledge.broadcom.com/external/article/321551
VMware Security Advisories
https://www.broadcom.com/support/vmware-security-advisories
VMware External Vulnerability Response and Remediation Policy
https://www.broadcom.com/support/vmware-services/security-response
VMware Lifecycle Support Phases
https://support.broadcom.com/group/ecx/productlifecycle
VMware Security Blog
https://blogs.vmware.com/security
X
https://x.com/VMwareSRC
Copyright 2026 Broadcom. All rights reserved.