VDB
CVE-2026-22717
CVE-2026-22717
PUBLISHED
CVSS 2.700000047683716 LOW
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed.
EPSS 0.01% · 1.1th percentile
Risk Scores
CVSS 3.1
2.700000047683716
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
EPSS Score
0.01%
1.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| VMware | Workstation | 25H2 |
Exploit Intelligence
- CIRCL seen: CVE-2026-22717 (circl-sighting)
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36986 (circl)
- CVE-2025-38347.yara (github-yara)
- CVE-2025-38347.yara (github-yara)
- CVE-2025-38347.yara (github-yara)
- CVE-2025-38347.yara (github-yara)
- CVE-2025-38219.yara (github-yara)
- CVE-2025-38219.yara (github-yara)
- CVE-2025-38219.yara (github-yara)
- CVE-2025-38219.yara (github-yara)
…and 136 more exploits
Timeline
- Oct 5, 2023 PoC Published
- Apr 28, 2025 PoC Published
- Oct 11, 2025 PoC Published
- Oct 12, 2025 PoC Published
- Oct 16, 2025 PoC Published
- Oct 17, 2025 PoC Published
- Oct 21, 2025 PoC Published
- Oct 24, 2025 PoC Published
- Oct 24, 2025 PoC Published
- Oct 24, 2025 PoC Published
- Oct 24, 2025 PoC Published
- Oct 27, 2025 PoC Published
References
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37096 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37092 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37102 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37078 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37109 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37087 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37090 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37077 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37098 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37079 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37101 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37104 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37080 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37097 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37083 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37086 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37082 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37100 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37099 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37081 advisory
…and 12 more