Zero-Days Put Tens of 1,000s of Orgs at Risk for VM Escape Attacks

Three high-severity zero-day vulnerabilities in VMware ESXi/Workstation/Fusion (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) could be chained to allow a VM escape and compromise hosts or co-tenant VMs; Shadowserver observed ~41,000+ vulnerable ESXi instances, exploitation requires guest admin privileges and chaining of all three flaws, patches are available and no public exploit code has been reported yet.