• CVE-2026-24061 is published which affects telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

VMware vCenter Server
VMware vSphere ESXi

VMware By Broadcom is aware of CVE-2026-24061. Please refer to the release notes for existing and forthcoming product releases for any updates in relation to this CVE.

Should you require further information please contact Broadcom Support.