关键漏洞信息 Vulnerability Summary Advisory ID: VMSA-2026-0001 Advisory Severity: Important CVSSv3 Range: 6.2 - 8.1 Impact: Multiple vulnerabilities in VMware Aria Operations Patches Available: Yes --- Affected Products and Versions VMware Aria Operations: - Version: 8.x - Affected CVEs: CVE-2026-22719, CVE-2026-22720, CVE-2026-22721 --- Vulnerability Details 1. CVE-2026-22719: - Description: Command injection vulnerability. - Severity: Important - CVSSv3 Score: 8.1 - Resolution: Apply relevant patches or workarounds. 2. CVE-2026-22720: - Description: Stored cross-site scripting vulnerability. - Severity: Important - CVSSv3 Score: 8.0 - Resolution: Apply relevant patches. 3. CVE-2026-22721: - Description: Privilege escalation vulnerability. - Severity: Moderate - CVSSv3 Score: 6.2 - Resolution: Apply relevant patches. --- Additional Information Workarounds: Specific workarounds are outlined in the document for CVE-2026-22719. Acknowledgements: Thanks to private reporters and partners.