CVE-2026-22717

LOW EPSS 6.4%

Published Feb 27, 20264mo ago · Modified Apr 15, 20262mo ago

2.7 CVSS 3.1

Low

Published Feb 27, 2026 4mo ago

Last Modified Apr 15, 2026 2mo ago

Description

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed.

CVSS Details

Base Score

2.7

Exploitability

1.0

Impact

1.4

Vector string

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

Attack Vector Local

Attack Complexity High

Privileges Required None

User Interaction Required

Scope Changed

Confidentiality Low

Integrity None

Availability None

Threat Intelligence

EPSS Exploit Probability

6.4% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read Memory Safety

References 1

support.broadcom.com https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36986

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.