CVE-2026-22716 MEDIUM

CVE-2026-22716: VMware Workstation out-of-bounds write vulnerability

Vendor Vmware
Product Workstation
Weakness CWE-787
Published February 27, 2026
Last update February 27, 2026

CVSS base score

5.0/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L

What the vulnerability does

01Description

Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes.

Key dates

02Disclosure timeline

February 27, 2026 CVE published
February 27, 2026 Record updated