CVE-2026-23762

Name of the Vulnerable Software and Affected Versions VB-Audio Voicemeeter versions 1.1.1.9 and earlier VB-Audio Voicemeeter Banana versions 2.1.1.9 and earlier VB-Audio Voicemeeter Potato versions 3.1.1.9 and earlier VB-Audio Matrix versions 1.0.2.2 and earlier VB-Audio Matrix Coconut versions 2.0.2.2 and earlier

Description The virtual audio drivers (vbvoicemeetervaio64*.sys, vbmatrixvaio64*.sys, vbaudio vmauxvaio*.sys, vbaudio vmvaio*.sys, and vbaudio vmvaio3*.sys) map non-paged pool memory into user space using MmMapLockedPagesSpecifyCache with UserMode access without proper exception handling. A failure in the mapping process, such as when a process exhausts available virtual address space, causes MmMapLockedPagesSpecifyCache to raise an exception that is not handled, resulting in a kernel crash, typically a SYSTEM SERVICE EXCEPTION with a STATUS NO MEMORY error. This can lead to a denial-of-service condition. A local unprivileged user can trigger this issue.

Recommendations Update VB-Audio Voicemeeter to a version later than 1.1.1.9. Update VB-Audio Voicemeeter Banana to a version later than 2.1.1.9. Update VB-Audio Voicemeeter Potato to a version later than 3.1.1.9. Update VB-Audio Matrix to a version later than 1.0.2.2. Update VB-Audio Matrix Coconut to a version later than 2.0.2.2.