PT-2026-3728 · Oracle+1 · Virtualbox+1

Yuhao Jiang

Publicado

2026-01-01

Atualizado

2026-03-19

CVE-2026-21981

CVSS v3.1

4.6

Média

Vetor

AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:L

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox versions 7.1.14 and 7.2.4

Description An easily exploitable issue exists in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). A high-privileged attacker with access to the system where Oracle VM VirtualBox runs can compromise the software. Successful exploitation may lead to unauthorized read access to some Oracle VM VirtualBox data and a partial denial of service. Attacks may impact additional products.

Recommendations Update Oracle VM VirtualBox to a version later than 7.1.14. Update Oracle VM VirtualBox to a version later than 7.2.4.

Correção

DoS

Out of bounds Read

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125CWE-269

Identificadores relacionados

BDU:2026-00721

CVE-2026-21981

Produtos afetados

Virtualbox

Red Os

PT-2026-3728 · Oracle+1 · Virtualbox+1

CVE-2026-21981

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 18