VMware vCenter Server RCE — unauthenticated attackers on the network can execute commands as root on vCenter. Patch immediately. APT groups actively used this to compromise virtual infrastructure and pivot to hosted VMs.
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →