Oracle · Virtualbox · CVE-2026-21986
**Name of the Vulnerable Software and Affected Versions**
Oracle VM VirtualBox versions 7.1.14 through 7.2.4
**Description**
An easily exploitable issue exists in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). An unauthenticated attacker with access to the infrastructure where Oracle VM VirtualBox runs can compromise the software. Successful exploitation can lead to a denial-of-service condition, causing Oracle VM VirtualBox to hang or crash repeatedly. This vulnerability affects Windows Virtual Machines only.
**Recommendations**
Update Oracle VM VirtualBox to a version later than 7.2.4.
Update Oracle VM VirtualBox to a version later than 7.1.14.