What is CVE-2026-35275?

CVE-2026-35275 is a high-severity vulnerability in Oracle Corporation Vm Virtualbox, classified under Improper Access Control. CVSS score: 7.5/10. Published 2026-06-17.

How severe is CVE-2026-35275?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Oracle Corporation Vm Virtualbox

CVE-2026-35275

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Shared Folders). The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the…

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N.

Affected products

Oracle Corporation Vm Virtualbox — versions 7.2.8

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

secalert_us@oracle.com (vendor-advisory)

Frequently asked questions

What is CVE-2026-35275?: CVE-2026-35275 is a high-severity vulnerability in Oracle Corporation Vm Virtualbox, classified under Improper Access Control. CVSS score: 7.5/10. Published 2026-06-17.
How severe is CVE-2026-35275?: High severity. CVSS v3 base score is 7.5 out of 10.