We should be aware of the following critical vulnerabilities issued five days ago by the VMSA that affect the VC and VCF products, I mentioned CVE titles of some of them:
1. CVE-2021-21991 Is related to the local privilege escalation vulnerability
2. CVE-2021-22018 / CVE-2021-22013 / CVE-2021-22005 Are about the file vulnerabilities
3. CVE-2021-22017 / CVE-2021-22006 Are related to the reverse proxy and rhttpproxy
You can read the VMware full document about all 19 mentioned vulnerabilities here