Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Broadcom security patch release for CVE-2025-41244

Security Patch Release
First reported
Last updated
Happening score
H score 54
3 unique sources, 3 articles

Summary

Hide ▲

Broadcom released patches on Sept. 29 for CVE-2025-41244, CVE-2025-41245, and CVE-2025-41246 affecting VMware Aria Operations and VMware Tools. The update matters because CVE-2025-41244 was later linked to zero-day exploitation in the wild, raising the risk of privilege escalation on affected systems. Customers are being told to move to the latest version because no workarounds or mitigations are available.

Related Happenings

Pretalx version 2026.1.0 security update for CVE-2026-41241

Security Patch Release
First: 27.05.2026 17:30 Last: 27.05.2026 17:30 Sources 1

About this happening: **Pretalx** released **version 2026.1.0** to patch **CVE-2026-41241**, a **stored XSS** flaw that could compromise organizer accounts in conference deployments. The update closes...

Open Happening

Microsoft security patch release for CVE-2026-45659

Security Patch Release
First: 26.05.2026 14:49 Last: 26.05.2026 14:49 Sources 1

About this happening: Microsoft released **SharePoint** updates for **CVE-2026-45659**, a **remote code execution** flaw that could let an authenticated attacker run code over the network without eleva...

Open Happening

Drupal core security update for CVE-2026-9082

Security Patch Release
First: 22.05.2026 16:14 Last: 22.05.2026 16:14 Sources 1

About this happening: **Drupal** released security updates for **CVE-2026-9082**, a highly critical SQL injection flaw affecting **PostgreSQL**-backed sites, and urged administrators to **upgrade immed...

Open Happening

TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926

Security Patch Release
First: 22.05.2026 11:19 Last: 22.05.2026 11:19 Sources 1

About this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....

Open Happening

Cisco Secure Workload REST API patch release (CVE-2026-20223)

Security Patch Release
First: 22.05.2026 08:36 Last: 22.05.2026 08:36 Sources 1

About this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...

Open Happening

Timeline

  1. 31.10.2025 09:09 1 articles · 6mo ago

    CISA adds CVE-2025-41244 to KEV after VMware zero-day exploitation

    Exploitation Observed

    CISA added CVE-2025-41244 affecting Broadcom VMware Tools and VMware Aria Operations to the Known Exploited Vulnerabilities catalog after reports of active exploitation in the wild. NVISO Labs says the flaw was used as a zero-day since mid-October 2024 and links the activity to the China-linked UNC5174.

    Show sources
    Open in new tab
  2. 30.09.2025 22:41 3 articles · 7mo ago

    Broadcom security patch release for CVE-2025-41244

    Initial Disclosure

    On **Sept. 29, 2025**, Broadcom issued a coordinated advisory and released patches for **CVE-2025-41244**, **CVE-2025-41245**, and **CVE-2025-41246**. The initial remediation step was to update affected **VMware Aria Operations** and **VMware Tools** installations to the latest version.

    Show sources
    Open in new tab