PT-2026-3733 · Oracle+1 · Virtualbox+1
Mohammed Ba Rashed
·
Published
2026-01-01
·
Updated
2026-03-19
·
CVE-2026-21986
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Oracle VM VirtualBox versions 7.1.14 through 7.2.4
Description
An easily exploitable issue exists in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). An unauthenticated attacker with access to the infrastructure where Oracle VM VirtualBox runs can compromise the software. Successful exploitation can lead to a denial-of-service condition, causing Oracle VM VirtualBox to hang or crash repeatedly. This vulnerability affects Windows Virtual Machines only.
Recommendations
Update Oracle VM VirtualBox to a version later than 7.2.4.
Update Oracle VM VirtualBox to a version later than 7.1.14.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Virtualbox
Red Os