Broadcom’s VMware Aria bug hits CISA exploited list, setting patch clock for agencies
Washington—March 4, 2026, 11:04 EST The U.S. Cybersecurity and Infrastructure Security Agency flagged a flaw in Broadcom’s VMware Aria Operations software, putting it on its Known Exploited Vulnerabilities list and giving federal civilian agencies until March 24 to patch the issue, according to a U.S. government vulnerability database entry.