CVE-2026-35248: Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. in Oracle Corporation Oracle VM VirtualBox
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L).
AI Analysis
Technical Summary
CVE-2026-35248 affects Oracle VM VirtualBox 7.2.6 and is a difficult to exploit vulnerability requiring high privileges and local access. It allows an attacker to compromise VirtualBox, resulting in unauthorized modification and reading of accessible data and partial denial of service. The vulnerability has a CVSS 3.1 score of 5.0 with attack vector local, high attack complexity, high privileges required, no user interaction, and scope change. Oracle's April 2026 Critical Patch Update advisory mentions many patches but does not explicitly state a fix for this vulnerability. The advisory emphasizes the importance of applying patches promptly to mitigate known vulnerabilities.
Potential Impact
An attacker with high privileges and local access to the infrastructure running Oracle VM VirtualBox 7.2.6 can exploit this vulnerability to gain unauthorized read and write access to some VirtualBox accessible data and cause a partial denial of service. The vulnerability's scope change means it may affect additional products beyond VirtualBox. The impact on confidentiality, integrity, and availability is limited but non-negligible. There are no known exploits in the wild at this time.
Mitigation Recommendations
Oracle's advisory does not explicitly confirm a patch for CVE-2026-35248 at this time. Patch status is not yet confirmed—check the Oracle Critical Patch Update advisory at https://www.oracle.com/security-alerts/cpuapr2026.html for current remediation guidance. Customers should ensure they are running supported versions and apply Oracle Critical Patch Updates promptly when patches become available. Until a patch is confirmed, restrict high privileged access to the infrastructure hosting Oracle VM VirtualBox to trusted personnel only.
CVE-2026-35248: Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. in Oracle Corporation Oracle VM VirtualBox
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L).
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-35248 affects Oracle VM VirtualBox 7.2.6 and is a difficult to exploit vulnerability requiring high privileges and local access. It allows an attacker to compromise VirtualBox, resulting in unauthorized modification and reading of accessible data and partial denial of service. The vulnerability has a CVSS 3.1 score of 5.0 with attack vector local, high attack complexity, high privileges required, no user interaction, and scope change. Oracle's April 2026 Critical Patch Update advisory mentions many patches but does not explicitly state a fix for this vulnerability. The advisory emphasizes the importance of applying patches promptly to mitigate known vulnerabilities.
Potential Impact
An attacker with high privileges and local access to the infrastructure running Oracle VM VirtualBox 7.2.6 can exploit this vulnerability to gain unauthorized read and write access to some VirtualBox accessible data and cause a partial denial of service. The vulnerability's scope change means it may affect additional products beyond VirtualBox. The impact on confidentiality, integrity, and availability is limited but non-negligible. There are no known exploits in the wild at this time.
Mitigation Recommendations
Oracle's advisory does not explicitly confirm a patch for CVE-2026-35248 at this time. Patch status is not yet confirmed—check the Oracle Critical Patch Update advisory at https://www.oracle.com/security-alerts/cpuapr2026.html for current remediation guidance. Customers should ensure they are running supported versions and apply Oracle Critical Patch Updates promptly when patches become available. Until a patch is confirmed, restrict high privileged access to the infrastructure hosting Oracle VM VirtualBox to trusted personnel only.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- oracle
- Date Reserved
- 2026-04-01T20:03:40.834Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://www.oracle.com/security-alerts/cpuapr2026.html","vendor":"Oracle"}]
Threat ID: 69e7e5b119fe3cd2cdfa01ae
Added to database: 4/21/2026, 9:01:37 PM
Last enriched: 4/21/2026, 9:17:32 PM
Last updated: 4/22/2026, 7:11:05 AM
Views: 8
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.