www.securityweek.com 7/14/2026, 2:20:37 PM · external

Broadcom fixes critical VMware Avi LB flaws, CVE-2026-47865

Broadcom fixes critical VMware Avi LB flaws, CVE-2026-47865
Developing story vulnerability 2 articles tracked
VMware Avi Load Balancer authentication bypass flaw (CVE-2026-47865) patched
CyberSIXT Evidence Panel
Primary Source support.broadcom.com
CISA KEV Not in KEV
Patch Patch Status Unknown

BROADCOM has released updates for the VMware Avi Load Balancer to address seven serious vulnerabilities, including a critical authentication bypass (CVE-2026-47865) and others that allow arbitrary code execution or privilege escalation. Two researchers, Filip Waeytens and Lang Khuong Duy, identified high-severity vulnerabilities, urging organizations to apply the updates promptly to mitigate potential exploitation, although no in-the-wild attacks have been reported. The vulnerabilities require network or local access for exploitation.

View Primary Source Via www.securityweek.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline