What is CVE-2026-46974?

CVE-2026-46974 is a high-severity vulnerability in Oracle Corporation Vm Virtualbox, classified under Improper Access Control. CVSS score: 7.5/10. Published 2026-06-17.

How severe is CVE-2026-46974?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Oracle Corporation Vm Virtualbox

CVE-2026-46974

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastru…

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H.

Affected products

Oracle Corporation Vm Virtualbox — versions 7.2.8

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

secalert_us@oracle.com (vendor-advisory)

Frequently asked questions

What is CVE-2026-46974?: CVE-2026-46974 is a high-severity vulnerability in Oracle Corporation Vm Virtualbox, classified under Improper Access Control. CVSS score: 7.5/10. Published 2026-06-17.
How severe is CVE-2026-46974?: High severity. CVSS v3 base score is 7.5 out of 10.