Originally published by Vali Cyber.
Written by Nathan Montierth.
Recently, three VMware zero-day vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) were patched amid concerns of active exploitation. These flaws allow attackers with virtual machine (VM) admin access to escape the guest OS, execute code on the hypervisor, and potentially take control of ESXi hosts—threatening entire multi-tenant cloud and enterprise environments.
Adding to the risk: many endpoi…
