PatchSiren cyber security CVE debrief
CVE-2026-47869 VMware CVE debrief
CVE-2026-47869 is a remote code execution vulnerability in VMware Avi Load Balancer. A malicious authenticated user with network access may be able to inject and execute code. The vulnerability affects multiple versions of the product, including 32.1.1, 31.1.1 through 31.2.2, 30.1.1 through 30.2.6, and 22.1.1 through 22.1.7. The vendor has released patches to fix the vulnerability.
- Vendor
- VMware
- Product
- Avi Load Balancer
- CVSS
- HIGH 8.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-18
- Original CVE updated
- 2026-07-18
- Advisory published
- 2026-07-18
- Advisory updated
- 2026-07-18
Who should care
Security teams and administrators responsible for VMware Avi Load Balancer instances should be aware of this vulnerability and take immediate action to mitigate the risk. They should review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.
Technical summary
CVE-2026-47869 is a remote code execution vulnerability in VMware Avi Load Balancer. A malicious authenticated user with network access may be able to inject and execute code. The affected versions are 32.1.1 (fixed in 32.1.2), 31.1.1 through 31.2.2 (fixed in 31.2.2-2p3), 30.1.1 through 30.2.6 (fixed in 30.2.7), and 22.1.1 through 22.1.7 (fixed in 30.2.7). The vulnerability can be mitigated by applying the patches or updates provided by the vendor.
Defensive priority
High
Recommended defensive actions
- Apply the patches or updates provided by the vendor to fix the vulnerability.
- Restrict access to the affected systems to only trusted users.
- Monitor the affected systems for any suspicious activity.
- Consider implementing additional security controls, such as network segmentation or intrusion detection systems.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
Evidence notes
The CVE record was published on 2026-07-18T09:17:08.740Z and has not been modified since then. The NVD entry is currently being reviewed. Security teams should verify the affected versions and take immediate action to mitigate the risk. The affected versions are 32.1.1 (fixed in 32.1.2), 31.1.1 through 31.2.2 (fixed in 31.2.2-2p3), 30.1.1 through 30.2.6 (fixed in 30.2.7), and 22.1.1 through 22.1.7 (fixed in 30.2.7).
Official resources
-
CVE-2026-47869 CVE record
CVE.org
-
CVE-2026-47869 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-18T09:17:08.740Z and has not been modified since then.