Januscape (CVE-2026-53359): First Cross-Architecture KVM/x86 Guest-to-Host Escape Vulnerability
By
Imustaskforhelp
Summary
This document describes the Januscape vulnerability (CVE-2026-53359), a KVM/x86 guest-to-host escape discovered by Hyunwoo Kim. It is a use-after-free vulnerability in the shadow MMU emulation of KVM/x86 that allows a guest to escape to the host. Notably, it is the first publicly known guest-to-host exploit research triggerable on both Intel and AMD architectures, rather than being limited to a single architecture.
Source
Key quotes
· 3 pulledThis is the first guest-to-host exploit research triggerable on both Intel and AMD rather than being limited to a single architecture.
Januscape is a use-after-free vulnerability in the shadow MMU emulation of KVM/x86.
It can trigger the bug with guest-side actions alone to corrupt the host kernel.
You might also wanna read
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
Critical zero-click prompt injection vulnerabilities in Cursor AI code editor allow sandbox escape and remote code execution
Two critical zero-click prompt injection vulnerabilities (CVE-2026-50548 and CVE-2026-50549, collectively "DuneSlide") were discovered in Cu
undercodetesting.com·3d agoCritical Cursor AI IDE Vulnerabilities Allow Remote Code Execution via Prompt Injection
Two critical vulnerabilities (CVE-2026-50548 and CVE-2026-50549) have been discovered in Cursor AI IDE, each with a CVSS score of 9.8. Named
CVE-2026-8037: Critical Unauthenticated RCE in Progress Kemp LoadMaster Actively Exploited
A critical unauthenticated remote code execution vulnerability (CVE-2026-8037) in Progress Kemp LoadMaster is being actively exploited in th
undercodetesting.com·3d agoCVE-2026-12043: Heap Double-Free Vulnerability Discovered in AWS Common Runtime aws-c-http Library
AWS disclosed CVE-2026-12043, a heap double-free vulnerability in the AWS Common Runtime aws-c-http library. The issue stems from improper h

Comments
Sign in to join the conversation.
No comments yet. Be the first.