There is a new version (6.1.28) that fixes some CVE vulnerabilities in Factory (https://build.opensuse.org/package/show/openSUSE%3AFactory/virtualbox). Please push it to Leap 15.4. Thanks.