Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Broadcom VMware vCenter Server DCE/RPC heap overflow actively exploited remote code execution flaw (CVE-2024-37079)

Vulnerability
First reported
Last updated
Happening score
H score 44
2 unique sources, 2 articles

Summary

Hide ▲

CISA added CVE-2024-37079 affecting Broadcom VMware vCenter Server to its KEV catalog after confirming active exploitation in the wild. The critical DCE/RPC heap overflow can let a network-access attacker achieve remote code execution by sending a specially crafted network packet. Broadcom patched the flaw in June 2024, and federal agencies were later told to update by February 13, 2026.

Related Happenings

Linux kernel Dirty Frag local root escalation privilege-escalation flaw

Vulnerability
First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **Dirty Frag** is a newly disclosed **Linux kernel** zero-day that can give **local attackers root privileges** on **most major Linux distributions**. The flaw is anchored in the...

Open Happening

F5 BIG-IP APM active exploitation wave (CVE-2025-53521)

Exploitation Wave
First: 02.04.2026 11:25 Last: 02.04.2026 11:25 Sources 1

About this happening: As of **2026-04-02**, ongoing attacks are exploiting **CVE-2025-53521** against **F5 BIG-IP APM** systems, leaving more than **14,000** exposed online and at risk of remote code e...

Open Happening

Oracle WebLogic Server CVE-2026-21962 rapid exploitation wave

Exploitation Wave
First: 26.03.2026 18:00 Last: 26.03.2026 18:00 Sources 1

About this happening: **Oracle WebLogic Server** systems faced a rapid **CVE-2026-21962** exploitation wave after public exploit code appeared, creating immediate **RCE risk** for exposed servers. The...

Open Happening

CISA KEV remediation deadline for CVE-2026-22719

Public Sector Action
First: 04.03.2026 06:35 Last: 04.03.2026 06:35 Sources 1

About this happening: The **U.S. Cybersecurity and Infrastructure Security Agency (CISA)** added **CVE-2026-22719** to the **Known Exploited Vulnerabilities (KEV) catalog**, requiring **Federal Civilia...

Open Happening

Sangoma FreePBX web shell exploitation wave (CVE-2025-64328)

Exploitation Wave
First: 27.02.2026 19:59 Last: 27.02.2026 19:59 Sources 1

About this happening: More than **900 Sangoma FreePBX** instances remain **web-shell infected** after an **ongoing exploitation wave** tied to **CVE-2025-64328**. The affected systems span the **U.S.**...

Open Happening

Timeline

  1. 24.01.2026 10:09 2 articles · 4mo ago

    CISA adds CVE-2024-37079 to KEV after active exploitation

    Legal Policy Action Update

    CISA adds CVE-2024-37079 affecting Broadcom VMware vCenter Server to the Known Exploited Vulnerabilities catalog after evidence of active exploitation in the wild. The critical DCE/RPC heap overflow, patched by Broadcom in June 2024, can let a network-access attacker achieve remote code execution by sending a specially crafted network packet, and Broadcom later updated its advisory to confirm in-the-wild abuse. Federal Civilian Executive Branch agencies must update to the latest version by February 13, 2026.

    Show sources
    Open in new tab