BROADCOM has addressed seven vulnerabilities in VMware Avi Load Balancer, with the most severe being CVE-2026-47865, rated CVSS 9.8, which allows unauthenticated network attackers to bypass authentication and reach the Avi Control plane. Other vulnerabilities include code execution flaws and privilege escalation issues. The affected versions range from 22.1.1 to 31.2.6, and an upgrade to version 32.1.2 is recommended as there are no workarounds available. No confirmed exploitation has been reported.
Broadcom patches Avi Load Balancer auth bypass CVE-2026-47865
CyberSIXT Evidence Panel
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
Broadcom fixes critical VMware Avi LB flaws, CVE-2026-47865
cybersixt.com
-
Broadcom patches Avi Load Balancer auth bypass CVE-2026-47865
securityonline.info