Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Critical Fixes for VMware Avi Load Balancer Vulnerabilities

Critical Fixes for VMware Avi Load Balancer Vulnerabilities

Posted on July 14, 2026 By CWS

Broadcom has released new updates addressing multiple critical and high-severity vulnerabilities in the VMware Avi Load Balancer. This software-defined platform is crucial for load balancing and securing applications across hybrid and multi-cloud environments.

Discovery of Critical Vulnerabilities

Recent findings by two external researchers have revealed seven significant vulnerabilities in the VMware product. Filip Waeytens, associated with NATO’s technology and cyber hub, identified a critical flaw (CVE-2026-47865) that allows attackers with network access to bypass authentication and compromise the Avi control plane.

High-Severity Flaws Uncovered

Waeytens also reported three high-severity vulnerabilities, which could lead to authentication bypass, arbitrary code execution, and privilege escalation to root. These issues, identified as CVE-2026-47866, CVE-2026-47867, and CVE-2026-47868, require network or local access for exploitation.

Additionally, Lang Khuong Duy from Viettel IDC found two high-severity bugs that can be used for directory traversal attacks (CVE-2026-47871) and privilege escalation (CVE-2026-47870). Both researchers have been acknowledged for their contributions.

Importance of Immediate Updates

Another vulnerability, CVE-2026-47869, reported jointly by Lang and Waeytens, involves remote code execution, exploitable by authenticated attackers with network access. While there are no known active exploits for these vulnerabilities, organizations are urged to apply the latest patches promptly to prevent potential attacks.

Historically, VMware product vulnerabilities have been targeted by threat actors, making timely updates critical for maintaining security. Staying ahead of potential threats by implementing these patches is essential for organizations utilizing VMware Avi Load Balancer.

For more information on related security updates, see our articles on recent VMware Fusion and VMware Aria Operations vulnerabilities.

Security Week News Tags:authentication bypass, Avi Load Balancer, Broadcom, critical patches, Cybersecurity, directory traversal, NATO, network security, privilege escalation, remote code execution, software vulnerabilities, Viettel IDC, VMware, vulnerability management

Post navigation

Previous Post: RabbitMQ Vulnerabilities Expose OAuth Secrets, Threaten Security
Next Post: CISA Alerts on Cisco IOS Vulnerability Exploitation

Related Posts

Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks Security Week News
ForceMemo Campaign Exploits GitHub for Malware Injection ForceMemo Campaign Exploits GitHub for Malware Injection Security Week News
Depthfirst Secures M in Series B to Enhance AI Security Depthfirst Secures $80M in Series B to Enhance AI Security Security Week News
Klue Data Breach Expands Amidst Hacker Dispute Klue Data Breach Expands Amidst Hacker Dispute Security Week News
Hackers Inject Malware Into Gravity Forms WordPress Plugin  Hackers Inject Malware Into Gravity Forms WordPress Plugin  Security Week News
iMessage Zero-Click Attacks Suspected in Targeting of High-Value EU, US Individuals iMessage Zero-Click Attacks Suspected in Targeting of High-Value EU, US Individuals Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • CISA Alerts on Cisco IOS Vulnerability Exploitation
  • Critical Fixes for VMware Avi Load Balancer Vulnerabilities
  • RabbitMQ Vulnerabilities Expose OAuth Secrets, Threaten Security
  • Qilin Ransomware Exploits Active Directory with DCSync
  • Critical Flaws in Claude for Chrome Allow Unauthorized Access

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • CISA Alerts on Cisco IOS Vulnerability Exploitation
  • Critical Fixes for VMware Avi Load Balancer Vulnerabilities
  • RabbitMQ Vulnerabilities Expose OAuth Secrets, Threaten Security
  • Qilin Ransomware Exploits Active Directory with DCSync
  • Critical Flaws in Claude for Chrome Allow Unauthorized Access

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark