Synced 17 Jun 2026 22:27 UTC Account
← All products

VMware ESXi

VMware / Broadcom · Virtualization
↻ RSS feed
Monitors VMware ESXi and tailors your dashboard to that exact version.
9.1.0.0 · latest cycle85/100 Good

Summary iPlain-English security verdict for VMware ESXi, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.

VMware ESXi currently scores 85/100 — good. 8 actively-exploited vulnerabilities (CISA KEV) affect older releases (e.g. CVE-2019-5544) — staying on the latest supported version keeps you clear of them. The latest supported release is 9.1.0.0. It's largely safe; apply minor updates as they appear. Note: this product is assessed at the product level on recent (365-day) activity rather than an exact per-version match, so it is never marked a confident "healthy".

Disclosure trend iNew CVEs published for VMware ESXi each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.

'19
'20
'21
'22
'23
'24
'25
'26

4 of its known vulnerabilities are linked to ransomware campaigns (CISA KEV).

Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.

Most urgent first — actively exploited, then likeliest to be exploited.

CVE-2019-5544 CRITICAL exploited ransomware Out-of-bounds write EPSS 97% → see advisory CVE-2020-3992 CRITICAL exploited ransomware Use-after-free EPSS 83% → see advisory CVE-2023-29552 HIGH exploited EPSS 66% → fixed in 7.0 CVE-2024-37085 MEDIUM exploited ransomware Improper authentication EPSS 27% → see advisory CVE-2010-3904 HIGH exploited CWE-1284 EPSS 11% → see advisory CVE-2025-22226 HIGH exploited Out-of-bounds read EPSS 2% → see advisory CVE-2025-22224 CRITICAL exploited CWE-367 EPSS 2% → see advisory CVE-2025-22225 HIGH exploited ransomware Out-of-bounds write EPSS 1% → see advisory CVE-2017-5753 MEDIUM CWE-203 EPSS 94% → see advisory CVE-2021-21974 HIGH Out-of-bounds write EPSS 45% → see advisory CVE-2010-0211 CRITICAL CWE-252 EPSS 29% → see advisory CVE-2024-22252 CRITICAL Use-after-free EPSS 4% → see advisory

See all 116 known VMware ESXi CVEs & security history →

How to patch VMware ESXi — step-by-step to the latest secure version →

Get alerted about VMware ESXi

Be emailed the moment VMware ESXi gets a newly exploited vulnerability (CISA KEV) or a release reaches end of life. Free · double opt-in · unsubscribe anytime.

We email only on real events for VMware ESXi — no marketing, no sharing, and we never know what you run. Track your whole stack →

Monitor up to 200 products — freeHit ☆ Monitor on anything you run, then sign in (no password) to sync your stack across devices and unlock smart insights, risk history & CSV/JSON exports. Sign in free →

Versions & lifecycle iWhen each release line stops receiving security patches (end-of-life). After EOL there are no more fixes — plan upgrades before these dates.

How long each VMware ESXi release line is supported — and when it sunsets.

Aug12'28 VMware ESXi 9.1EOL 2028-08-12
Oct11'27 VMware ESXi 8.0EOL 2027-10-11
Sept17'27 VMware ESXi 9.0EOL 2027-09-17
Oct2'25 VMware ESXi 7.0ended 2025-10-02
Oct15'22 VMware ESXi 6.7ended 2022-10-15
Oct15'22 VMware ESXi 6.5ended 2022-10-15
Mar12'20 VMware ESXi 6.0ended 2020-03-12
Sept19'18 VMware ESXi 5.5ended 2018-09-19
Aug24'16 VMware ESXi 5.1ended 2016-08-24
Aug24'16 VMware ESXi 5.0ended 2016-08-24

Full VMware ESXi end-of-life dates & support timeline →

9.1 latest 9.1.0.0 Supported until 2028-08-12
9.0 latest 9.0.2.0 Supported until 2027-09-17
8.0 latest 8.0 Update 3j Supported until 2027-10-11
7.0 latest 7.0 Update 3w End of life ended 2025-10-02
6.7 latest 6.7 Update 3w End of life ended 2022-10-15
6.5 latest 6.5 ESXi650-202403001 End of life ended 2022-10-15
6.0 latest 6.0 EP 25 End of life ended 2020-03-12
5.5 latest 5.5 Update 3k End of life ended 2018-09-19
5.1 latest 5.1 Update 3d End of life ended 2016-08-24
5.0 latest 5.0 Update 3g End of life ended 2016-08-24
See all upcoming end-of-life dates →

Frequently asked

Is VMware ESXi safe and patched?

VMware ESXi currently scores 85/100 — good. 8 actively-exploited vulnerabilities (CISA KEV) affect older releases (e.g. CVE-2019-5544) — staying on the latest supported version keeps you clear of them. The latest supported release is 9.1.0.0. It's largely safe; apply minor updates as they appear. Note: this product is assessed at the product level on recent (365-day) activity rather than an exact per-version match, so it is never marked a confident "healthy".

What should I do about VMware ESXi now?

Upgrade VMware ESXi to the latest supported release (9.1.0.0) or later, which clears the actively-exploited issues affecting older versions, then confirm against VMware / Broadcom's official advisory.

When does VMware ESXi reach end-of-life?

The latest supported VMware ESXi release is 9.1.0.0. After end-of-life a release no longer receives security patches.

Which versions of VMware ESXi are still receiving security updates?

Supported VMware ESXi release lines (latest 9.1.0.0): 9.1, 9.0, 8.0. End-of-life releases no longer receive security patches.

product-level posture (last 365d); exact per-version verdict pending precise version mapping

Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against VMware / Broadcom's official advisory before you patch or upgrade — VMware ESXi official site ↗