Critical Alert 1 Active Exploit Detected Today

CVE-2026-28318 SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability →
Powered by CVE Watchtower
×
June 6, 2026

CVE Watchtower


← Back to CVE List

CVE-2025-22244NVD

Vulnerability Summary

VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation.
Severity Level
MEDIUM(6.9)
Published Date
Jun 4, 2025
Last Modified
Jul 14, 2025
Exploitation Status
????
EPSS Score (30-Day)
Data Pending
Root Weakness (CWE)
CWE-79: Cross-site Scripting (XSS) β†—
The software does not neutralize user-controllable input before it is placed in output that is used as a web page.
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityHigh
AvailabilityNone

External References