Multiple high-severity vulnerabilities affecting VMware Cloud Foundation could allow malicious actors to access sensitive data and perform unauthorized actions. The vulnerabilities, assigned CVE IDs CVE-2025-41229, CVE-2025-41230, and CVE-2025-41231 with CVSS base scores ranging from 7.3 to 8.2, posing significant risks to organizations using affected versions of VMware Cloud Foundation. Broadcom reports that the most severe vulnerability (CVE-2025-41229) involves a directory traversal attack vector with a CVSS base score of 8.2.

‍