The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2024-37079 (CVSS score: 9.8), which refers to a heap overflow in the
![]()
source https://thehackernews.com/2026/01/cisa-adds-actively-exploited-vmware.html
source https://thehackernews.com/2026/01/cisa-adds-actively-exploited-vmware.html