CVE-2026-35248

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.6

Description An issue in the Core component allows a high privileged attacker with logon access to the infrastructure where the software executes to compromise the system. Successful exploitation can lead to unauthorized read, update, insert, or delete access to certain accessible data, as well as the ability to cause a partial denial of service (partial DOS), which is a condition where the system becomes partially unavailable to users. This attack may also significantly impact additional products due to a scope change.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.