<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-08T12:09:58.739402+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/afc31830-06c4-4f37-84c8-82129b0ac654/export</id>
    <title>afc31830-06c4-4f37-84c8-82129b0ac654</title>
    <updated>2026-07-08T12:09:58.767083+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "afc31830-06c4-4f37-84c8-82129b0ac654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53359", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mq3zp2b35w2o", "content": "\ud83d\udcf0 If you self-host KVM/Proxmox with nested virtualization enabled, check for CVE-2026-53359 patches\n\nA Linux kernel vulnerability, CVE-2026-53359 (\"Januscape\"), affects KVM's shadow paging code w...\n\nhttps://tinyurl.com/2ybvt5yt #TechNews #CrustyTLDR", "creation_timestamp": "2026-07-08T02:03:31.669360Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/afc31830-06c4-4f37-84c8-82129b0ac654/export"/>
    <published>2026-07-08T02:03:31.669360+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ec451422-4923-4b99-91fe-e9fdaf2c8cc9/export</id>
    <title>ec451422-4923-4b99-91fe-e9fdaf2c8cc9</title>
    <updated>2026-07-08T12:09:58.769339+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ec451422-4923-4b99-91fe-e9fdaf2c8cc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53359", "type": "seen", "source": "https://threatintel.cc/2026/07/07/linux-kernel-vulnerability-allows-vm.html", "content": "Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems - SecurityWeek\n\nThe Januscape vulnerability (CVE-2026-53359) in the Linux KVM hypervisor allows attackers to execute a VM escape, enabling code execution on both Intel and AMD host systems. This use-after-free flaw can be exploited by an attacker with guest root access to achieve full host compromise or cause a denial-of-service.", "creation_timestamp": "2026-07-08T01:00:54.120639Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ec451422-4923-4b99-91fe-e9fdaf2c8cc9/export"/>
    <published>2026-07-08T01:00:54.120639+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/59fca4b4-500b-4351-a39d-d80a0bab022a/export</id>
    <title>59fca4b4-500b-4351-a39d-d80a0bab022a</title>
    <updated>2026-07-08T12:09:58.769489+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "59fca4b4-500b-4351-a39d-d80a0bab022a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53359", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mq3fs4tl3b2f", "content": "A use-after-free vulnerability in Linux's KVM hypervisor, tracked as CVE-2026-53359 and named 'Januscape', allows guest VMs to escape to the host on Intel and AMD systems. Discovered by Hyunwoo Kim, the flaw has existed for 16 years and can lead to host code execution.", "creation_timestamp": "2026-07-07T20:07:20.535529Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/59fca4b4-500b-4351-a39d-d80a0bab022a/export"/>
    <published>2026-07-07T20:07:20.535529+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/06848184-41f2-49af-a2d7-0fb5a5d8b60c/export</id>
    <title>06848184-41f2-49af-a2d7-0fb5a5d8b60c</title>
    <updated>2026-07-08T12:09:58.769613+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "06848184-41f2-49af-a2d7-0fb5a5d8b60c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53359", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3mq34hkw7uz2c", "content": "A 16-year-old flaw in #Linux KVM hypervisor dubbed \"#Januscape\" (CVE-2026-53359) is a Use-After-Free vulnerability which allows guest VMs to escape to the host:\n\nThe fix was merged into the mainline Linux kernel on June 19, 2026:\n\ud83d\udc47", "creation_timestamp": "2026-07-07T17:20:22.686440Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/06848184-41f2-49af-a2d7-0fb5a5d8b60c/export"/>
    <published>2026-07-07T17:20:22.686440+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e089ac08-950c-4f89-9422-07ab6d64e883/export</id>
    <title>e089ac08-950c-4f89-9422-07ab6d64e883</title>
    <updated>2026-07-08T12:09:58.769722+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e089ac08-950c-4f89-9422-07ab6d64e883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53359", "type": "seen", "source": "https://bsky.app/profile/it-connect.bsky.social/post/3mq33eolbgi2v", "content": "Januscape (CVE-2026-53359) : une faille use-after-free rest\u00e9e 16 ans dans KVM.\n\nLouez un VPS, activez la virtu imbriqu\u00e9e c\u00f4t\u00e9 h\u00f4te, et une seule VM peut faire tomber l'h\u00f4te + toutes les VM voisines.\n\n\u00c0 patcher \ud83d\udc47\nwww.it-connect.fr/januscape-fa...\n\n#linux", "creation_timestamp": "2026-07-07T17:00:52.410471Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e089ac08-950c-4f89-9422-07ab6d64e883/export"/>
    <published>2026-07-07T17:00:52.410471+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fe8be2b1-684f-4261-9f75-d48d11934848/export</id>
    <title>fe8be2b1-684f-4261-9f75-d48d11934848</title>
    <updated>2026-07-08T12:09:58.769835+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "fe8be2b1-684f-4261-9f75-d48d11934848", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53359", "type": "seen", "source": "https://threatintel.cc/2026/07/07/linux-kernel-vulnerability-allows-vm.html", "content": "Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems - SecurityWeek\n\nThe Januscape vulnerability (CVE-2026-53359) in the Linux KVM hypervisor allows attackers to execute a VM escape, enabling code execution on both Intel and AMD host systems. This use-after-free flaw can be exploited by an attacker with guest root access to achieve full host compromise or cause a denial-of-service.", "creation_timestamp": "2026-07-07T16:00:45.483193Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fe8be2b1-684f-4261-9f75-d48d11934848/export"/>
    <published>2026-07-07T16:00:45.483193+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/80d4205a-f05b-4d99-bed8-3dda5262b86b/export</id>
    <title>80d4205a-f05b-4d99-bed8-3dda5262b86b</title>
    <updated>2026-07-08T12:09:58.769948+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "80d4205a-f05b-4d99-bed8-3dda5262b86b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53359", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mq2wna6pzs2p", "content": " \ud83d\udd12 Sysadmins: A atualiza\u00e7\u00e3o cr\u00edtica do #Fedora 43 para kernel-headers 7.1.3 j\u00e1 est\u00e1 dispon\u00edvel! Corrige o CVE-2026-53359 (Januscape) \u2014 um UAF no KVM que permite VM escape ap\u00f3s 16 anos dormentes.   Saiba mais: -&amp;gt; tinyurl.com/yn2njpwk", "creation_timestamp": "2026-07-07T15:36:11.163997Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/80d4205a-f05b-4d99-bed8-3dda5262b86b/export"/>
    <published>2026-07-07T15:36:11.163997+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/14e74375-89a6-4944-a917-a4bec526805b/export</id>
    <title>14e74375-89a6-4944-a917-a4bec526805b</title>
    <updated>2026-07-08T12:09:58.770060+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "14e74375-89a6-4944-a917-a4bec526805b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53359", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mq2wn77tqs2p", "content": " \ud83d\udd12 Sysadmins: A atualiza\u00e7\u00e3o cr\u00edtica do #Fedora 43 para kernel-headers 7.1.3 j\u00e1 est\u00e1 dispon\u00edvel! Corrige o CVE-2026-53359 (Januscape) \u2014 um UAF no KVM que permite VM escape ap\u00f3s 16 anos dormentes.   Saiba mais: -&amp;gt; tinyurl.com/yn2njpwk", "creation_timestamp": "2026-07-07T15:36:10.687315Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/14e74375-89a6-4944-a917-a4bec526805b/export"/>
    <published>2026-07-07T15:36:10.687315+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5dfe2665-724a-4563-80a8-c4ceb9a222d4/export</id>
    <title>5dfe2665-724a-4563-80a8-c4ceb9a222d4</title>
    <updated>2026-07-08T12:09:58.770168+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5dfe2665-724a-4563-80a8-c4ceb9a222d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53359", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mq2vhnt5hc24", "content": "Can a 16-year-old bug really blow up cloud security? Yes. Januscape (CVE-2026-53359) is a Linux KVM flaw allowing VM escape on Intel/AMD. If you run VMs, this zero-day means your host could be compromised. Find out how to protect\u2026\n\nhttps://www.tpp.blog/21opoya\n\n#opensource #januscape #cve202653359", "creation_timestamp": "2026-07-07T15:15:09.234790Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5dfe2665-724a-4563-80a8-c4ceb9a222d4/export"/>
    <published>2026-07-07T15:15:09.234790+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d12ae95b-73c5-4a50-bcdd-51f180b240b1/export</id>
    <title>d12ae95b-73c5-4a50-bcdd-51f180b240b1</title>
    <updated>2026-07-08T12:09:58.770275+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d12ae95b-73c5-4a50-bcdd-51f180b240b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53359", "type": "seen", "source": "https://bsky.app/profile/guardian360.bsky.social/post/3mq2umu4bpq2p", "content": "Dubbed 'Januscape' and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD.", "creation_timestamp": "2026-07-07T15:00:09.672679Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d12ae95b-73c5-4a50-bcdd-51f180b240b1/export"/>
    <published>2026-07-07T15:00:09.672679+00:00</published>
  </entry>
</feed>
