Product Release Advisory - VMware Tanzu GemFire Management Console 1.4.5

Product/Component

VMware Tanzu Data Intelligence

3 more products

Notification Id

37582

Last Updated

02 June 2026

Initial Publication Date

02 June 2026

Status

CLOSED

Severity

CRITICAL

CVSS Base Score

9.8

WorkAround

Affected CVE

Product Release Advisory

Advisory ID:	TNZ-2026-0282
Severity:	Critical
Issue Date:	2026-06-02
Updated on:	2026-006-02
Synopsis	Updated Spring Boot, Apache Tomcat, Netty, Reactor Netty and BouncyCastle libraries to address security vulnerabilities

Product Version Release Advisory

VMware Tanzu GemFire Management Console Release 1.4.5
https://techdocs.broadcom.com/us/en/vmware-tanzu/data-solutions/tanzu-gemfire-management-console/1-4/gf-mc/release_notes.html

Security Fixes

This release has the following security fixes, listed by component and area.

Component

Vulnerabilities Resolved

vmware-gemfire-management-console

CVE-2026-42581 (Critical)

CVE-2026-41293 (Critical)

CVE-2026-43512 (Critical)

CVE-2026-43515 (Critical)

CVE-2026-5598 (Critical)

CVE-2025-14813 (High)

CVE-2026-42578 (High)

CVE-2026-42583 (High)

CVE-2026-42582 (High)

CVE-2026-42577 (High)

CVE-2026-42579 (High)

CVE-2026-42587 (High)

CVE-2026-41284 (High)

CVE-2026-43513 (High)

CVE-2026-3505 (High)

CVE-2026-42584 (High)

CVE-2026-42498 (High)

CVE-2026-40973 (High)

CVE-2026-42586 (Medium)

CVE-2026-42580 (Medium)

CVE-2026-42585 (Medium)

CVE-2026-0636 (Medium)

CVE-2026-41417 (Medium)

CVE-2026-44248 (Medium)

CVE-2026-5588 (Medium)

History

2026-06-02: Initial vulnerability report published.

Contact

E-mail: [email protected]

VMware Tanzu Security Advisories
https://tanzu.vmware.com/security