A vulnerability has been found in Oracle VM VirtualBox 7.2.8 and classified as critical . The impacted element is an unknown function of the component VMSVGA Device . Performing a manipulation results in improper authorization. This vulnerability is cataloged as CVE-2026-46977 . The attack must be initiated from a local position. There is no exploit available. The affected component should be upgraded.