{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/aria-operations/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["vmware","aria-operations","rce","privilege-escalation"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eBroadcom released an advisory in February 2026 addressing three vulnerabilities in VMware Aria Operations, Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure. CVE-2026-22719 (CVSS 8.1) is a command injection vulnerability in Aria Operations that can lead to RCE if exploited during a support-assisted product migration. CVE-2026-22720 (CVSS 8.0) is a cross-site scripting vulnerability where a malicious actor with privileges to create custom benchmarks may be able to inject…\u003c/p\u003e\n","date_modified":"2026-02-25T15:21:35Z","date_published":"2026-02-25T15:21:35Z","id":"/briefs/2026-02-vmware-aria-rce/","summary":"Multiple vulnerabilities in VMware Aria Operations, Cloud Foundation, and Telco Cloud Platform/Infrastructure could allow unauthenticated remote code execution (CVE-2026-22719) and privilege escalation (CVE-2026-22720, CVE-2026-22721).","title":"VMware Aria Operations Vulnerabilities Allow Remote Code Execution and Privilege Escalation","url":"https://feed.craftedsignal.io/briefs/2026-02-vmware-aria-rce/"}],"language":"en","title":"CraftedSignal Threat Feed — Aria-Operations","version":"https://jsonfeed.org/version/1.1"}