// #vmware

2 articles

VMware ESXi Cross-Tenant Code Execution Demonstrated at Pwn2Own Berlin — $200K Prize for Single-Bug Hypervisor Escape

STARLabs SG earned $200,000 at Pwn2Own Berlin 2026 for a single vulnerability enabling cross-tenant code execution on VMware ESXi, allowing code running in one virtual machine to execute in a separate guest VM on the same hypervisor host. The bug has not been assigned a CVE and will not be publicly disclosed for up to 90 days.

May 16, 2026 #vmware +6

🏛️ Architecture

VMware Aria Operations CVE-2026-22719 — CISA KEV With Federal Deadline Tomorrow

CISA has added CVE-2026-22719, a command injection vulnerability in VMware Aria Operations, to the Known Exploited Vulnerabilities catalogue with a federal agency patch deadline of 24 March. The flaw allows unauthenticated remote attackers to execute arbitrary commands on the management infrastructure and was patched by Broadcom in February — but active exploitation has been confirmed before many organisations applied the fix.

Mar 23, 2026 #vmware +7

Commentary tagged #vmware

Opinion

Hypervisor Escapes Should Change How Enterprise Architects Design Isolation — They Rarely Do

VMware ESXi cross-tenant code execution at Pwn2Own Berlin 2026 demonstrates again that virtualisation is not a security boundary. Yet enterprise architecture continues to treat hypervisor isolation as equivalent to physical isolation. The security implication of this assumption has been known for years and consistently under-acted upon.

CipherWatch Editorial

Security Intelligence Platform

May 17, 2026