The current version of VirtualBox is 7.2.12 (as of 08/07/2026).
VirtualBox
Oracle · current 7.2.12
Actively exploited vulnerabilities
The US cybersecurity agency CISA lists this vulnerability in its catalog of Known Exploited Vulnerabilities. Check your version and patch or mitigate promptly.
- CVE-2008-3431Oracle VirtualBox Insufficient Input Validation Vulnerability
Source: CISA KEV. The CVE is matched to the product automatically — when in doubt, the linked NVD entry applies.
VirtualBox at a glance
Oracle VirtualBox is a widely used, free desktop virtualization platform for running virtual machines on Windows, macOS and Linux. Oracle ships regular releases plus quarterly Critical Patch Updates that carry security fixes; as software that runs untrusted guest OSes, those fixes matter.
For admins VirtualBox has had notable security advisories, including guest-to-host escape classes, so apply the quarterly security updates promptly — especially where untrusted guests run. Update the base package and the matching Guest Additions and Extension Pack together (mismatches cause problems), and mind the Extension Pack's licensing for commercial use. Take VM snapshots before larger updates. After updating, verify that VMs still boot and networking works. VirtualBox runs with significant privileges — keep it current and source it officially. Track the version and its support status.
Release history · as detected by patchletter
| Version | Channel | Date | Notes |
|---|---|---|---|
| 7.2.12 | STABLE | 08/07/2026 | – |
Never miss a VirtualBox update
We check the source daily and email you — instantly or as a digest. Free, one-click unsubscribe.
Watch VirtualBox