Oracle VM VirtualBox Core Component Vulnerability Allowing Unauthorized Data Access and Partial Denial-of-Service

Vulnerability

A vulnerability has been identified in the Oracle VM VirtualBox product, specifically in the Core component, within the Oracle Virtualization category. This issue affects version 7.1.14 and 7.2.4. The vulnerability is easily exploitable and allows a high-privileged attacker with access to the infrastructure where Oracle VM VirtualBox is running to compromise the application. Although the vulnerability resides within Oracle VM VirtualBox, successful exploitation could significantly impact other products, leading to a scope change. The consequences of this vulnerability include unauthorized read access to certain data within Oracle VM VirtualBox and the ability to cause a partial denial-of-service on the application.

Impact

Exploitation of this vulnerability could result in unauthorized access to some data within Oracle VM VirtualBox and the ability to cause a partial denial-of-service on the application.

Added: Jan 20, 2026, 10:32 PM

Updated: Jan 20, 2026, 10:32 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

1.3

exploitability

2.8

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

1.3

exploitability

2.8

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle VM VirtualBox Core Component Vulnerability Allowing Unauthorized Data Access and Partial Denial-of-Service

Vulnerability

Impact

Affected Products

Oracle VM VirtualBox

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating