I am sure that you heard about the Apache Log4j Remote Code Execution Vulnerability announced last week… Follow the link to see VMware’s response for each product, along with a solution patch or workaround for some of them (the rest are coming soon!).
Official VMware article – VMSA-2021-0028.2 – here
vCenter workaround (most common) – here
vRops workaround – here