CVE-2026-47865
VMware Avi Load Balancer Authentication Bypass Vulnerability
CVSS Score
9.8
EPSS Score
0.0%
EPSS Percentile
0th
VMware Avi Load Balancer contains an authentication bypass vulnerability. A malicious user with network access may be able to access the Avi Control plane by bypassing the authentication mechanism. Affected versions: 31.1.1 through 31.2.2 (fixed in 31.2.2-2p3) 30.1.1 through 30.2.6 (fixed in 30.2.7) 22.1.1 through 22.1.7 (fixed in 30.2.7)
| CWE | CWE-287 |
| Vendor | vmware |
| Product | avi load balancer |
| Ecosystems | |
| Industries | TechnologyEnterprise |
| Published | Jul 18, 2026 |
Stay Ahead of the Next One
Get instant alerts for vmware avi load balancer
Be the first to know when new critical vulnerabilities affecting vmware avi load balancer are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected Versions
VMware / Avi Load Balancer
31.1.1 โค 31.2.2 30.1.1 โค 30.2.6 22.1.1 โค 22.1.7