CISA Flags VMware Aria Operations RCE Flaw as Exploited in Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a VMware Aria Operations remote code execution (RCE) vulnerability, tracked as CVE-2026-22719, to its Known Exploited Vulnerabilities catalog. The flaw has been confirmed as actively exploited in attacks. No specific details regarding the timing, threat actors, or scope of exploitation were provided. The vulnerability affects VMware Aria Operations, a platform used for IT operations management. CISA’s inclusion in the catalog indicates the flaw poses a significant risk to federal and critical infrastructure systems.