CVE-2026-23762
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Summary
VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a vulnerability in their virtual audio drivers (vbvoicemeetervaio64*.sys, vbmatrixvaio64*.sys, vbaudio_vmauxvaio*.sys, vbaudio_vmvaio*.sys, and vbaudio_vmvaio3*.sys). The drivers map non-paged pool memory into user space via MmMapLockedPagesSpecifyCache using UserMode access without proper exception handling. If the mapping fails, such as when a process has exhausted available virtual address space, MmMapLockedPagesSpecifyCache raises an exception that is not caught, causing a kernel crash (BSoD), typically SYSTEM_SERVICE_EXCEPTION with STATUS_NO_MEMORY. This flaw allows a local unprivileged user to trigger a denial-of-service on affected Windows systems.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| VB-Audio Software | Voicemeeter (Standard) | 0 <= 1.1.1.9 | affected |
| VB-Audio Software | Voicemeeter Banana | 0 <= 2.1.1.9 | affected |
| VB-Audio Software | Voicemeeter Potato | 0 <= 3.1.1.9 | affected |
| VB-Audio Software | Matrix | 0 <= 1.0.2.2 | affected |
| VB-Audio Software | Matrix Coconut | 0 <= 2.0.2.2 | affected |
Weaknesses
- CWE-755: CWE-755 Improper Handling of Exceptional Conditions
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
References
- https://github.com/emkaix/security-research/tree/main/CVE-2026-23762
- https://forum.vb-audio.com/viewtopic.php?p=7574#p7574
- https://forum.vb-audio.com/viewtopic.php?p=7527#p7527
- https://vb-audio.com/
- https://www.vulncheck.com/advisories/vb-audio-voicemeeter-and-matrix-drivers-dos-via-mmmaplockedpagesspecifycache
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.