Improper Authentication in VMware Avi Load Balancer - CVE-2026-47866
Published: July 14, 2026
VMware Avi Load Balancer
Detailed vulnerability description
The vulnerability allows a remote user to bypass authentication and access a limited subset of the Avi Control Plane.
The vulnerability exists due to improper authentication in the authentication mechanism when handling network requests to the Avi Control Plane. A remote user can send crafted requests to bypass authentication and access a limited subset of the Avi Control Plane.