VMware Workstation/Fusion VM Network Packet Interception Flaw
CVE-2026-22715 Published on February 26, 2026

VMware Workstation/Fusion NAT vulnerability
VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715 please upgrade to VMware Workstation or Fusion Version 25H2U1

Vendor Advisory NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

HIGH

Availability Impact:

LOW

Products Associated with CVE-2026-22715

stack.watch emails you whenever new vulnerabilities are published in VMware Workstation or VMware Fusion. Just hit a watch button to start following.

VMware Workstation

VMware Fusion

Affected Versions

VMware Workstation:

Version 17.0 and below 25H2U1 is affected.
Version 25H2U1 is unaffected.

VMware Fusion:

Version 13.0 and below 25H2U1 is affected.
Version 25H2U1 is unaffected.

VMware Workstation/Fusion VM Network Packet Interception FlawCVE-2026-22715 Published on February 26, 2026

Vulnerability Analysis

Products Associated with CVE-2026-22715

Affected Versions

VMware Workstation/Fusion VM Network Packet Interception Flaw
CVE-2026-22715 Published on February 26, 2026