Serial number: AV26-054
Date: January 26, 2026
Between January 19 and 25, 2026, VMware published security advisories to address vulnerabilities in multiple Tanzu products.
- AI Services for VMware Tanzu Platform – versions prior to 10.3.3
- Elastic Application Runtime for VMware Tanzu Platform – versions prior to 6.0.24+LTS-T
- Elastic Application Runtime for VMware Tanzu Platform – versions prior to 10.3.4
- Elastic Application Runtime for VMware Tanzu Platform – versions prior to 10.2.7+LTS-T
- Extended App Support for Tanzu Platform – versions prior to 1.0.12
- PHP Buildpack – versions prior to 4.6.62
- VMware Tanzu Cloud Native Buildpack – versions prior to 0.6.3
- VMware Tanzu Greenplum Backup and Restore – versions prior to 1.32.30
- VMware Tanzu .NET Core Buildpack – versions prior to 2.4.73, 2.4.76 and 2.4.77
- VMware Tanzu NodeJS Buildpack – versions prior to 1.8.73
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.