Remote Code Execution Vulnerability in VMware Avi Load Balancer
CVE-2026-47867

8.7HIGH

Key Information:

Vendor

Vmware

Vendor
CVE Published:
18 July 2026

What is CVE-2026-47867?

A remote code execution vulnerability exists in VMware Avi Load Balancer that allows an attacker with network access to the Avi Control plane to execute arbitrary code. Users of affected versions should promptly update to the fixed releases to mitigate potential security risks.

Affected Version(s)

Avi Load Balancer 32.1.1

Avi Load Balancer 31.1.1 <= 31.2.2

Avi Load Balancer 30.1.1 <= 30.2.6

References

CVSS V3.1

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.