CVE-2026-46977 | Oracle VM VirtualBox 7.2.8 VMSVGA Device improper authorization

Inserito da Angelo Barbosa | Giu 17, 2026 | CVE

A vulnerability has been found in Oracle VM VirtualBox 7.2.8 and classified as critical. The impacted element is an unknown function of the component VMSVGA Device. Performing a manipulation results in improper authorization.

This vulnerability is cataloged as CVE-2026-46977. The attack must be initiated from a local position. There is no exploit available.

The affected component should be upgraded.

CVE-2026-46977 | Oracle VM VirtualBox 7.2.8 VMSVGA Device improper authorization

Post correlati

CVE-2026-47114 | IINA up to 1.4.2 URL argument injection

CVE-2025-4886 | itsourcecode Sales and Inventory System 1.0 product_update.php serial sql injection

CVE-2025-7904 | itsourcecode Insurance Management System 1.0 /insertNominee.php nominee_id sql injection

CVE-2025-1814 | Tenda AC6 15.03.05.16 /goform/WifiExtraSet wpapsk_crypto stack-based overflow