CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Broadcom VMware security advisory (AV26-625)

critical
Serial number: AV26-625 Date: June 23, 2026 Between June 22 and 23, 2026, Broadcom published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: VMware Tanzu Data Flow on Kubernetes – versions prior to 2.1.3 VMware Tanzu Greenplum Backup and Restore – versions prior to 1.33.2 VMware Tanzu Greenplum Platform Extension Framework – versions prior to 8.0.1 VMware Tanzu RabbitMQ on Kubernetes – versions prior to 3.13.17 VMware Tanzu RabbitMQ on Kubernetes – versions prior to 4.0.22 VMware Tanzu RabbitMQ on Kubernetes – versions prior to 4.1.13 VMware Tanzu RabbitMQ on Kubernetes – versions prior to 4.2.8 VMware Tanzu RabbitMQ on Kubernetes – versions prior to 4.3.2 VMware Tanzu GemFire – versions prior to 10.1.8 VMware Tanzu RabbitMQ – versions prior to 3.13.17 VMware Tanzu RabbitMQ – versions prior to 4.0.22 VMware Tanzu RabbitMQ – versions prior to 4.1.13 VMware Tanzu RabbitMQ – versions prior to 4.2.8 VMware Tanzu RabbitMQ – versions prior to 4.3.2 VMware Tanzu Greenplum – versions prior to 6.33.2 VMware Tanzu Greenplum – versions prior to 7.8.2 The Cyber Centre encourages users and administrators to review the web link provided and apply the necessary updates. Security Advisories - Tanzu

CSIRTS triage

vendor: Broadcomproduct: VMware TanzuOtheraffected: various versions prior to specified updates
What
Multiple vulnerabilities have been addressed in various VMware Tanzu products.
Who is affected
Users of affected VMware Tanzu products.
Urgency
Remediation is critical due to the nature of the vulnerabilities.
Action
Apply the latest updates for the affected VMware Tanzu products.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch VMware Tanzu

Get an email when a new VMware Tanzu advisory drops — max one per day, one-click unsubscribe.

Details

Source
Canadian Centre for Cyber Security (CA · national-cert · site)
Severity
critical
Published
2026-06-23
Exploitation
Not in CISA KEV at last sync

Original advisory: https://cyber.gc.ca/en/alerts-advisories/broadcom-vmware-security-advisory-av26-625

More from Canadian Centre for Cyber Security