PT-2026-3728 · Oracle+1 · Virtualbox+1
Yuhao Jiang
·
Published
2026-01-01
·
Updated
2026-03-19
·
CVE-2026-21981
CVSS v3.1
4.6
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Oracle VM VirtualBox versions 7.1.14 and 7.2.4
Description
An easily exploitable issue exists in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). A high-privileged attacker with access to the system where Oracle VM VirtualBox runs can compromise the software. Successful exploitation may lead to unauthorized read access to some Oracle VM VirtualBox data and a partial denial of service. Attacks may impact additional products.
Recommendations
Update Oracle VM VirtualBox to a version later than 7.1.14.
Update Oracle VM VirtualBox to a version later than 7.2.4.
Fix
DoS
Out of bounds Read
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Virtualbox
Red Os