VMware Workstation 25H1 and below may leak confidential info from host

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

2.7

VMware Workstation 25H1 and below may leak confidential info from host

CVE-2026-22717

Summary

Non-admin users on a guest VM can access some host machine information. This could potentially expose confidential data. VMware Workstation users should update to the latest version to fix the issue.

Original title

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from t...

Original description

nvd CVSS3.1 2.7

Vulnerability type

CWE-125 Out-of-bounds Read

https://support.broadcom.com/web/ecx/support-content-notification/-/external/con...

Published: 27 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026