CVE-2026-21985

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox versions 7.1.14 and 7.2.4

Description An easily exploitable issue exists in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). A high-privileged attacker with access to the infrastructure where Oracle VM VirtualBox runs can compromise the software. Successful exploitation may lead to unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. Attacks may significantly impact additional products.

Recommendations Update Oracle VM VirtualBox to a newer version that addresses this issue.