{"url":"http://public2.vulnerablecode.io/api/packages/372102?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.18-2","type":"alpm","namespace":"archlinux","name":"virtualbox","version":"6.1.18-2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"6.1.20-1","latest_non_vulnerable_version":"6.1.28-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/248617?format=json","vulnerability_id":"VCID-2r65-7mst-7ff7","summary":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2321","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36214","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36121","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36144","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36539","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36711","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36742","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.3658","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36651","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36659","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36624","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36599","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36645","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36628","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36568","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36344","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36315","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36228","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36111","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36181","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36208","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2321"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2321"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2r65-7mst-7ff7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43137?format=json","vulnerability_id":"VCID-3rtp-jbxr-1qey","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2286","reference_id":"","reference_type":"","scores":[{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37691","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.3771","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37727","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37641","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37613","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.3803","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.3821","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38233","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38103","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38153","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38161","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38179","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38143","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38119","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38165","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38146","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38081","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37866","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37843","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37749","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.3764","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2286"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:53Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2286"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3rtp-jbxr-1qey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43090?format=json","vulnerability_id":"VCID-4sk2-6fz1-6qd1","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2264","reference_id":"","reference_type":"","scores":[{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29441","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29662","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29548","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29486","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29344","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29407","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2942","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29341","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29361","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29875","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29919","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29966","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29778","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2984","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29884","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29838","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29788","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29807","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29741","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2264"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/04/26/1","reference_id":"1","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:48:20Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/04/26/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/04/26/2","reference_id":"2","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:48:20Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/04/26/2"},{"reference_url":"https://security.archlinux.org/AVG-1870","reference_id":"AVG-1870","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1870"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:48:20Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2264"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4sk2-6fz1-6qd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43110?format=json","vulnerability_id":"VCID-7b9u-tggy-gqej","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2279","reference_id":"","reference_type":"","scores":[{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91941","published_at":"2026-05-14T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91884","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91897","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91909","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91919","published_at":"2026-05-09T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91918","published_at":"2026-05-11T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91926","published_at":"2026-05-12T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.9183","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91838","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91845","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91853","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91866","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91871","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91875","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91889","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91886","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91883","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07624","scoring_system":"epss","scoring_elements":"0.91887","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2279"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:47:59Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-21-453/","reference_id":"ZDI-21-453","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:47:59Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-453/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2279"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7b9u-tggy-gqej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43134?format=json","vulnerability_id":"VCID-7d2s-r3zf-u7ag","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2283","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39623","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39594","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39611","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39526","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39551","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39875","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40023","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40049","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3997","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40036","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40047","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.4001","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3999","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.4004","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40011","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39933","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39759","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39746","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3966","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39529","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2283"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:42:40Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2283"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7d2s-r3zf-u7ag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43088?format=json","vulnerability_id":"VCID-94zg-371b-qkdp","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2145","reference_id":"","reference_type":"","scores":[{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53394","published_at":"2026-05-14T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53279","published_at":"2026-04-29T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53236","published_at":"2026-05-05T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53286","published_at":"2026-05-07T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53338","published_at":"2026-05-09T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53299","published_at":"2026-05-11T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53325","published_at":"2026-05-12T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53227","published_at":"2026-04-01T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53251","published_at":"2026-04-02T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53277","published_at":"2026-04-04T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53244","published_at":"2026-04-07T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53297","published_at":"2026-04-08T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53291","published_at":"2026-04-09T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53342","published_at":"2026-04-11T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53326","published_at":"2026-04-12T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53309","published_at":"2026-04-13T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53347","published_at":"2026-04-16T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53352","published_at":"2026-04-18T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53332","published_at":"2026-04-21T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53304","published_at":"2026-04-24T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53316","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2145"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T18:11:37Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-21-455/","reference_id":"ZDI-21-455","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T18:11:37Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-455/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2145"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-94zg-371b-qkdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43115?format=json","vulnerability_id":"VCID-c7w5-yk8d-qkfb","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2280","reference_id":"","reference_type":"","scores":[{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35728","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3571","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35732","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3564","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35663","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36058","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36253","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36286","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36122","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36171","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36189","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36195","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36158","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36174","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36159","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36107","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35877","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35845","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35758","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35641","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2280"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:42:45Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2280"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c7w5-yk8d-qkfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43136?format=json","vulnerability_id":"VCID-cm61-d57b-1qhq","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2285","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39623","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39594","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39611","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39526","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39551","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39875","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40023","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40049","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3997","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40036","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40047","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.4001","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3999","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.4004","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40011","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39933","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39759","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39746","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3966","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39529","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2285"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:53Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2285"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cm61-d57b-1qhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43205?format=json","vulnerability_id":"VCID-ctc7-nx1g-quh9","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2310","reference_id":"","reference_type":"","scores":[{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45832","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45811","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45709","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45771","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.4579","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45732","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45759","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45844","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45891","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45912","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45862","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45918","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45916","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45938","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45909","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45968","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45964","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45908","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45857","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45868","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2310"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:49Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-21-456/","reference_id":"ZDI-21-456","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:49Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-456/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2310"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ctc7-nx1g-quh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43116?format=json","vulnerability_id":"VCID-e7tk-fpb8-yugw","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2281","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38021","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38043","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38055","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.3797","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.37946","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.3836","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38497","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38521","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38384","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38435","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38443","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38458","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38421","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38395","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38423","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38359","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38202","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38179","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38084","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.37972","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2281"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:42:44Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2281"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7tk-fpb8-yugw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43159?format=json","vulnerability_id":"VCID-f8a4-p5xx-sqab","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2296","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25736","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25698","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25587","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25653","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25714","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25641","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25659","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25945","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.26027","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.26069","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25835","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25904","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25956","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25966","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25921","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25862","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25866","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25847","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25754","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25745","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2296"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:47Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-21-459/","reference_id":"ZDI-21-459","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:47Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-459/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2296"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f8a4-p5xx-sqab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43194?format=json","vulnerability_id":"VCID-fuce-smna-wych","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2309","reference_id":"","reference_type":"","scores":[{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2593","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25904","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25795","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25852","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2591","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25836","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25853","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2616","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26241","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26281","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26051","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26117","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26166","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26174","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26129","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2607","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26074","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26052","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26018","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25957","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25952","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2309"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:52Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-21-461/","reference_id":"ZDI-21-461","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:52Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-461/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2309"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fuce-smna-wych"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43128?format=json","vulnerability_id":"VCID-gguv-hvra-23ff","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2282","reference_id":"","reference_type":"","scores":[{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35728","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3571","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35732","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3564","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35663","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36058","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36253","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36286","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36122","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36171","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36189","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36195","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36158","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36174","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36159","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36107","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35877","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35845","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35758","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35641","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2282"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:42:42Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2282"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gguv-hvra-23ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43138?format=json","vulnerability_id":"VCID-mtk7-rr3s-1ua6","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2287","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39623","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39594","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39611","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39526","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39551","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39875","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40023","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40049","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3997","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40036","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40047","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.4001","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3999","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.4004","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40011","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39933","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39759","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39746","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3966","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39529","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2287"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:52Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2287"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mtk7-rr3s-1ua6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43146?format=json","vulnerability_id":"VCID-puye-vcas-s7dv","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2291","reference_id":"","reference_type":"","scores":[{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37782","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38207","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.3814","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37966","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37943","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37849","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37738","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37806","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.3782","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37732","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37705","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38161","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38212","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.3822","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38239","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38203","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38179","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38226","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62217","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62186","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62125","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2291"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:50Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-21-457/","reference_id":"ZDI-21-457","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:50Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-457/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2291"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-puye-vcas-s7dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43089?format=json","vulnerability_id":"VCID-qbjr-mw28-9ufu","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2250","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35098","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35121","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35071","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35101","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35005","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35029","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35361","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.3556","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35586","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35468","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35514","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35538","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35548","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35504","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35482","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35521","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35511","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35459","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35223","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35201","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2250"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:48:41Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-21-484/","reference_id":"ZDI-21-484","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:48:41Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-484/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2250"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qbjr-mw28-9ufu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43185?format=json","vulnerability_id":"VCID-t3m7-zvcc-3qar","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2306","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20097","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.19941","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20018","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20103","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20073","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.202","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20349","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20409","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20134","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20216","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20274","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20299","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20253","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20194","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20186","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.2019","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20189","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20068","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20063","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20031","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2306"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:36Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2306"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t3m7-zvcc-3qar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43135?format=json","vulnerability_id":"VCID-u1n4-8wg1-cfea","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2284","reference_id":"","reference_type":"","scores":[{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37691","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.3771","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37727","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37641","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37613","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.3803","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.3821","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38233","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38103","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38153","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38161","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38179","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38143","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38119","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38165","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38146","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38081","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37866","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37843","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37749","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.3764","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2284"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:42:39Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2284"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u1n4-8wg1-cfea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43173?format=json","vulnerability_id":"VCID-xh4p-m9fs-y3eb","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2297","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25736","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25698","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25587","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25653","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25714","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25641","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25659","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25945","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.26027","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.26069","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25835","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25904","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25956","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25966","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25921","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25862","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25866","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25847","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25754","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25745","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2297"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:46Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-21-462/","reference_id":"ZDI-21-462","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:46Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-462/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2297"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xh4p-m9fs-y3eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43095?format=json","vulnerability_id":"VCID-y4xt-atn4-g7bv","summary":"Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2266","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21906","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21753","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21829","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21801","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21824","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21951","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22112","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.2216","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21943","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22023","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22078","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22093","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22052","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21992","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.2199","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21985","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.2194","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21794","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21783","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21774","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21682","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2266"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"},{"reference_url":"https://security.gentoo.org/glsa/202208-36","reference_id":"GLSA-202208-36","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:42:48Z/"}],"url":"https://security.gentoo.org/glsa/202208-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"}],"aliases":["CVE-2021-2266"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4xt-atn4-g7bv"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.18-2"}