CVE-2025-41236 CRITICAL

CVE-2025-41236: VMXNET3 integer-overflow vulnerability

Vendor Vmware

Product ESXi

Weakness CWE-787

Published July 15, 2025

Last update February 26, 2026

View on NVD All CVEs

CVSS base score

9.3/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue.

Key dates

02Disclosure timeline

July 15, 2025 CVE published

February 26, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-41236 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/787.html

Related vulnerabilities

Identifiers

CVE CVE-2025-41236

CWE CWE-787

CVSS 9.3 / CRITICAL

Affected versions

Vendor Vmware

Product ESXi

Affected ≥ 8.0 and < ESXi80U3f-24784735

Vendor Vmware

Product ESXi

Affected ≥ 8.0 and < ESXi80U2e-24789317

Vendor Vmware

Product ESXi

Affected ≥ 7.0 and < ESXi70U3w-24784741

Vendor Vmware

Product Cloud Foundation

Affected 5.x, 4.5.x

Vendor Vmware

Product Workstation

Affected ≥ 17.x and < 17.6.4

Vendor Vmware

Product Fusion

Affected ≥ 13.x and ≤ 13.6.4

Vendor Vmware

Product Telco Cloud Platform

Affected 5.x, 4.x, 3.x, 2.x

Vendor Vmware

Product Telco Cloud Infrastructure

Affected 3.x, 2.x

CVE-2025-41236: VMXNET3 integer-overflow vulnerability

01Description

02Disclosure timeline

03References

04Related CVE