CISA Adds VMware Aria Operations RCE Flaw to KEV Catalog After Active Exploitation

CISA Adds VMware Aria Operations RCE Flaw to KEV Catalog After Active Exploitation CISA has added CVE-2026-22719 to its Known Exploited Vulnerabilities (KEV) catalog, confirming that a critical remote code execution flaw in VMware Aria Operations is being actively exploited in the wild. Federal agencies are now required to patch by March 18, 2026 under Binding Operational Directive 22-01. The Vulnerability CVE-2026-22719 is a command injection vulnerability (CWE-77) in VMware Aria Operations (formerly vRealize Operations) with a CVSS score of 8.1 (HIGH) . Key Details Attribute Detail CVE CVE-2026-22719 CVSS 8.1 (HIGH) CWE CWE-77 (Command Injection) Product VMware Aria Operations Vendor Broadcom (VMware) Advisory Broadcom KB 430349 KEV Added March 3, 2026 Patch Deadline March 18, 2026 (FCEB agencies) VMware Aria Operations is a widely deployed infrastructure monitoring and management platform used across enterprise data centers and cloud environments. It provides performance monitoring,