Core Vulnerability in Oracle VM VirtualBox by Oracle
CVE-2026-35250

2.3LOW

Key Information:

Vendor: Oracle
Status: Oracle Vm Virtualbox
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-35250?

An exploitable vulnerability exists within Oracle VM VirtualBox, specifically in its core components. A privileged attacker with access to the infrastructure can exploit this weakness to compromise the functionality of Oracle VM VirtualBox. Successful exploitation may result in a partial denial of service, affecting the availability of the virtual machine environment. The vulnerability specifically impacts version 7.2.6, demanding immediate attention from administrators to safeguard their systems.

Affected Version(s)

Oracle VM VirtualBox 7.2.6

References

https://www.oracle.com/security-alerts/cpuapr2026.html

vendor-advisory

CVSS V3.1

Score:

2.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Apr 1, 2026

CVE-2026-35250 Data

JSON