{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66791?format=json","vulnerability_id":"VCID-v86w-2mu2-e7b1","summary":"VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a vulnerability in their virtual audio drivers (vbvoicemeetervaio64*.sys, vbmatrixvaio64*.sys, vbaudio_vmauxvaio*.sys, vbaudio_vmvaio*.sys, and vbaudio_vmvaio3*.sys). The drivers map non-paged pool memory into user space via MmMapLockedPagesSpecifyCache using UserMode access without proper exception handling. If the mapping fails, such as when a process has exhausted available virtual address space, MmMapLockedPagesSpecifyCache raises an exception that is not caught, causing a kernel crash (BSoD), typically SYSTEM_SERVICE_EXCEPTION with STATUS_NO_MEMORY. This flaw allows a local unprivileged user to trigger a denial-of-service on affected Windows systems.","aliases":[{"alias":"CVE-2026-23762"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23762","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00783","published_at":"2026-06-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0078","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23762"},{"reference_url":"https://github.com/emkaix/security-research/tree/main/CVE-2026-23762","reference_id":"CVE-2026-23762","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-22T18:24:43Z/"}],"url":"https://github.com/emkaix/security-research/tree/main/CVE-2026-23762"},{"reference_url":"https://vb-audio.com/","reference_id":"vb-audio.com","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-22T18:24:43Z/"}],"url":"https://vb-audio.com/"},{"reference_url":"https://www.vulncheck.com/advisories/vb-audio-voicemeeter-and-matrix-drivers-dos-via-mmmaplockedpagesspecifycache","reference_id":"vb-audio-voicemeeter-and-matrix-drivers-dos-via-mmmaplockedpagesspecifycache","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-22T18:24:43Z/"}],"url":"https://www.vulncheck.com/advisories/vb-audio-voicemeeter-and-matrix-drivers-dos-via-mmmaplockedpagesspecifycache"},{"reference_url":"https://forum.vb-audio.com/viewtopic.php?p=7527#p7527","reference_id":"viewtopic.php?p=7527#p7527","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-22T18:24:43Z/"}],"url":"https://forum.vb-audio.com/viewtopic.php?p=7527#p7527"},{"reference_url":"https://forum.vb-audio.com/viewtopic.php?p=7574#p7574","reference_id":"viewtopic.php?p=7574#p7574","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-22T18:24:43Z/"}],"url":"https://forum.vb-audio.com/viewtopic.php?p=7574#p7574"}],"weaknesses":[{"cwe_id":755,"name":"Improper Handling of Exceptional Conditions","description":"The product does not handle or incorrectly handles an exceptional condition."}],"exploits":[],"severity_range_score":"6.9 - 6.9","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v86w-2mu2-e7b1"}