Omnissa Workspace ONE UEM (formerly VMware Workspace ONE UEM) contains an unauthenticated server-side request forgery vulnerability (CVE-2021-22054, CVSS 7.5) confirmed actively exploited and listed in CISA’s KEV catalog with a remediation deadline of March 23, 2026. An attacker with network access to the UEM server can forge outbound requests to internal systems, cloud metadata endpoints, and internal APIs without any credentials, enabling reconnaissance and potential credential harvesting. Apply the vendor patch per Omnissa KB article 87167 immediately and audit UEM server outbound HTTP logs for anomalous requests to RFC-1918 ranges or metadata service endpoints.