CVE-2026-23761

Name of the Vulnerable Software and Affected Versions VB-Audio Voicemeeter versions 1.1.1.9 and earlier VB-Audio Voicemeeter Banana versions 2.1.1.9 and earlier VB-Audio Voicemeeter Potato versions 3.1.1.9 and earlier VB-Audio Matrix versions 1.0.2.2 and earlier VB-Audio Matrix Coconut versions 2.0.2.2 and earlier

Description The VB-Audio software contains a flaw in its virtual audio drivers (vbvoicemeetervaio64*.sys, vbmatrixvaio64*.sys, vbaudio vmauxvaio*.sys, vbaudio vmvaio*.sys, and vbaudio vmvaio3*.sys). When a handle is opened with a specific file attribute, the drivers incorrectly set the FILE OBJECT->FsContext to an invalid value. If operations are passed to the audio driver stack, this invalid FsContext can be accessed, leading to a system crash (Blue Screen of Death) with a SYSTEM SERVICE EXCEPTION and STATUS ACCESS VIOLATION. This issue allows a local user with limited privileges to cause a denial-of-service on Windows systems.

Recommendations Update VB-Audio Voicemeeter to a version later than 1.1.1.9. Update VB-Audio Voicemeeter Banana to a version later than 2.1.1.9. Update VB-Audio Voicemeeter Potato to a version later than 3.1.1.9. Update VB-Audio Matrix to a version later than 1.0.2.2. Update VB-Audio Matrix Coconut to a version later than 2.0.2.2.