Virtualization Security Archives • Daily CyberSecurity

Root Access Race: TOCTOU Vulnerability (CVE-2026-41702) Hits VMware Fusion VMware Fusion Privilege Escalation CVE-2026-41702 TOCTOU VMware Vulnerabilities, Broadcom Security CVE-2024-38814 - VMware HCX CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226

VMware Fusion Privilege Escalation CVE-2026-41702 TOCTOU VMware Vulnerabilities, Broadcom Security CVE-2024-38814 - VMware HCX CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226

Root Access Race: TOCTOU Vulnerability (CVE-2026-41702) Hits VMware Fusion

Do Son May 15, 2026

Broadcom has recently issued a critical alert and accompanying patches for VMware Fusion, addressing a local privilege...

The Shittrix Disclosure: 89 Flaws Collapse 20 Years of Trust in Citrix and XCP-ng Shittrix Disclosure Hypervisor Vulnerabilities

The Shittrix Disclosure: 89 Flaws Collapse 20 Years of Trust in Citrix and XCP-ng

Do Son April 29, 2026

Independent security researcher Jakob Wolffhechel has publicly disclosed 89 vulnerabilities impacting Citrix XenServer/Hypervisor and its open-source counterpart,...

OVN Security Alert: Critical Heap Over-Read Flaws Risk Sensitive Data Leaks OVN Heap Over-read Network Memory Leak

OVN Security Alert: Critical Heap Over-Read Flaws Risk Sensitive Data Leaks

Do Son April 21, 2026

The Open Virtual Network (OVN) team has issued a dual-threat security advisory concerning two critical heap over-read...

Ghost NICs & Secret Knocks: Dell Zero-Day (CVSS 10) Exploited by UNC6201 FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

Ghost NICs & Secret Knocks: Dell Zero-Day (CVSS 10) Exploited by UNC6201

Do Son February 18, 2026

A high-risk zero-day vulnerability in Dell’s virtualization software has become the playground for a sophisticated espionage campaign....

CISA Alert: Critical VMware vCenter RCE (CVSS 9.8) Now Exploited in the Wild CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

CISA Alert: Critical VMware vCenter RCE (CVSS 9.8) Now Exploited in the Wild

Do Son January 25, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom VMware vCenter Server...

“VM Isolation is Not Absolute”: Researchers Unmask Sophisticated ESXi “Maestro” Exploit GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

“VM Isolation is Not Absolute”: Researchers Unmask Sophisticated ESXi “Maestro” Exploit

Do Son January 8, 2026

In a new report, the Huntress Tactical Response Team details a sophisticated intrusion discovered in December 2025...

PoC Unleashed: Linux vsock Flaw Enables Privilege Escalation to Root vsock privilege escalation

PoC Unleashed: Linux vsock Flaw Enables Privilege Escalation to Root

Do Son June 4, 2025

Independent researcher V4bel published the technical details and a proof-of-concept exploit code for a Linux kernel vulnerability,...

Critical Alert 2 Active Exploits Detected Today

Root Access Race: TOCTOU Vulnerability (CVE-2026-41702) Hits VMware Fusion

The Shittrix Disclosure: 89 Flaws Collapse 20 Years of Trust in Citrix and XCP-ng

OVN Security Alert: Critical Heap Over-Read Flaws Risk Sensitive Data Leaks

Ghost NICs & Secret Knocks: Dell Zero-Day (CVSS 10) Exploited by UNC6201

CISA Alert: Critical VMware vCenter RCE (CVSS 9.8) Now Exploited in the Wild

“VM Isolation is Not Absolute”: Researchers Unmask Sophisticated ESXi “Maestro” Exploit

PoC Unleashed: Linux vsock Flaw Enables Privilege Escalation to Root