Ghostwire
Home / Vulnerabilities / CVE-2026-35245

CVE-2026-35245: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that...

HIGH CVSS 7.5

Published: April 21, 2026 | Last Modified: April 21, 2026

Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via RDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

Tenable CVEs
CVE-2026-35245

References