{"url":"http://public2.vulnerablecode.io/api/packages/942241?format=json","purl":"pkg:deb/debian/virtualbox@7.0.26-dfsg-1?distro=sid","type":"deb","namespace":"debian","name":"virtualbox","version":"7.0.26-dfsg-1","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"7.1.12-dfsg-1","latest_non_vulnerable_version":"7.2.8-dfsg-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/320944?format=json","vulnerability_id":"VCID-brjs-bfrf-jqbw","summary":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).   The supported version that is affected is 7.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as  unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30712","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24336","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24462","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24748","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24787","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24559","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24629","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24676","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24691","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.2465","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24593","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24606","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24597","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24574","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24517","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24504","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30712"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103582","reference_id":"1103582","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103582"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2025.html","reference_id":"cpuapr2025.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-16T14:40:52Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2025.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942241?format=json","purl":"pkg:deb/debian/virtualbox@7.0.26-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.26-dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/942186?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059665?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088739?format=json","purl":"pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid"}],"aliases":["CVE-2025-30712"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-brjs-bfrf-jqbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73606?format=json","vulnerability_id":"VCID-dedn-32wh-qkb2","summary":"Core: From CVEorg collector","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21248.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21248.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21248","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07684","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07723","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07701","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07685","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07717","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07683","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07742","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0776","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07747","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0773","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07656","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07643","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07792","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0775","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21248"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085440","reference_id":"1085440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085440"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318928","reference_id":"2318928","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318928"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.2:*:*:*:*:*:*:*"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942241?format=json","purl":"pkg:deb/debian/virtualbox@7.0.26-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.26-dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/942186?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059665?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088739?format=json","purl":"pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid"}],"aliases":["CVE-2024-21248"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dedn-32wh-qkb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73594?format=json","vulnerability_id":"VCID-gx18-8hyk-m7es","summary":"Oracle VM VirtualBox: From CVEorg collector","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21253.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21253.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21253","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07793","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07844","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07821","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07832","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0788","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07834","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07891","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07915","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07902","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07886","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07872","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07786","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07763","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07876","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21253"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085440","reference_id":"1085440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085440"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318893","reference_id":"2318893","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318893"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942241?format=json","purl":"pkg:deb/debian/virtualbox@7.0.26-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.26-dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/942186?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059665?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088739?format=json","purl":"pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid"}],"aliases":["CVE-2024-21253"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gx18-8hyk-m7es"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/320954?format=json","vulnerability_id":"VCID-jjh6-f68g-e3dp","summary":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).   The supported version that is affected is 7.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as  unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and  unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:H).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30725","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16347","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16483","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16781","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16838","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16623","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16708","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16762","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16742","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16699","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16643","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16579","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16587","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16626","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16528","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16516","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30725"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103582","reference_id":"1103582","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103582"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2025.html","reference_id":"cpuapr2025.html","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:17:57Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2025.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942241?format=json","purl":"pkg:deb/debian/virtualbox@7.0.26-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.26-dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/942186?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059665?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088739?format=json","purl":"pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid"}],"aliases":["CVE-2025-30725"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jjh6-f68g-e3dp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73573?format=json","vulnerability_id":"VCID-mq6q-nyqt-zqhx","summary":"Oracle Virtualization: From CVEorg collector","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21273.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21273.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21273","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18417","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18318","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18631","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18686","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18402","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18483","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18536","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18538","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18489","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18439","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18382","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18394","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25011","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25178","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25132","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21273"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085440","reference_id":"1085440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085440"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318878","reference_id":"2318878","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318878"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.2:*:*:*:*:*:*:*"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942241?format=json","purl":"pkg:deb/debian/virtualbox@7.0.26-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.26-dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/942186?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059665?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088739?format=json","purl":"pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid"}],"aliases":["CVE-2024-21273"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mq6q-nyqt-zqhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/320950?format=json","vulnerability_id":"VCID-n2ce-z1qr-1kgy","summary":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).   The supported version that is affected is 7.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox and  unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30719","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.21804","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.21894","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22225","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22272","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22056","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22136","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22191","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22212","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22171","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22111","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22104","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22059","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.21918","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.21907","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30719"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103582","reference_id":"1103582","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103582"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2025.html","reference_id":"cpuapr2025.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T13:38:56Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2025.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942241?format=json","purl":"pkg:deb/debian/virtualbox@7.0.26-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.26-dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/942186?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059665?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088739?format=json","purl":"pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid"}],"aliases":["CVE-2025-30719"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n2ce-z1qr-1kgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73589?format=json","vulnerability_id":"VCID-pfke-a98y-akej","summary":"Oracle Virtualization: From CVEorg collector","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21259.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21259.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21259","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19373","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19526","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19487","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19844","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19898","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19627","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19707","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19758","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19762","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19713","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19656","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19632","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19634","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19648","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19539","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21259"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085440","reference_id":"1085440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085440"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318872","reference_id":"2318872","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318872"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.2:*:*:*:*:*:*:*"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942241?format=json","purl":"pkg:deb/debian/virtualbox@7.0.26-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.26-dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/942186?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059665?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088739?format=json","purl":"pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid"}],"aliases":["CVE-2024-21259"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pfke-a98y-akej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/315020?format=json","vulnerability_id":"VCID-segw-gnkd-6ybu","summary":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.24 and  prior to 7.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as  unauthorized read access to a subset of Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21571","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06268","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06251","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06001","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06036","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0602","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06059","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06098","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06088","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06083","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06075","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06039","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06047","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06197","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06211","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06242","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21571"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093879","reference_id":"1093879","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093879"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2025.html","reference_id":"cpujan2025.html","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-22T14:39:45Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2025.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942241?format=json","purl":"pkg:deb/debian/virtualbox@7.0.26-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.26-dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/942186?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059665?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088739?format=json","purl":"pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid"}],"aliases":["CVE-2025-21571"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-segw-gnkd-6ybu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/314991?format=json","vulnerability_id":"VCID-tmny-4bf3-vqcp","summary":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.24 and  prior to 7.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21533","reference_id":"","reference_type":"","scores":[{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22847","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22953","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23285","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23328","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23117","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23191","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23242","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23264","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23226","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23168","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23184","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23177","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23138","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22962","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22956","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21533"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093879","reference_id":"1093879","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093879"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2025.html","reference_id":"cpujan2025.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-22T18:28:32Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2025.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942241?format=json","purl":"pkg:deb/debian/virtualbox@7.0.26-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.26-dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/942186?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059665?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088739?format=json","purl":"pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid"}],"aliases":["CVE-2025-21533"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tmny-4bf3-vqcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73584?format=json","vulnerability_id":"VCID-uk8u-t1km-zqd6","summary":"core: From CVEorg collector","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21263.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21263.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21263","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18557","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18684","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18748","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18727","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23406","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23456","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23476","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23382","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.234","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23395","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23376","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23437","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23513","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23549","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23333","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21263"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085440","reference_id":"1085440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085440"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318920","reference_id":"2318920","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318920"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.1.2:*:*:*:*:*:*:*"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942241?format=json","purl":"pkg:deb/debian/virtualbox@7.0.26-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.26-dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/942186?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059665?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088739?format=json","purl":"pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid"}],"aliases":["CVE-2024-21263"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uk8u-t1km-zqd6"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.26-dfsg-1%3Fdistro=sid"}