<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Cve on CuraSec</title><link>https://curasec.metacog.co.kr/tags/cve/</link><description>Recent content in Cve on CuraSec</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Fri, 10 Jul 2026 09:49:54 -0500</lastBuildDate><atom:link href="https://curasec.metacog.co.kr/tags/cve/index.xml" rel="self" type="application/rss+xml"/><item><title>CVE-2026-53359: KVM/x86 Guest-to-Host Escape (PoC Published)</title><link>https://curasec.metacog.co.kr/insights/2026-07-10-januscape-guest-to-host-escape-in-kvm-x86-cve-2026-53359/</link><pubDate>Fri, 10 Jul 2026 09:49:54 -0500</pubDate><guid>https://curasec.metacog.co.kr/insights/2026-07-10-januscape-guest-to-host-escape-in-kvm-x86-cve-2026-53359/</guid><description>&lt;ul>
&lt;li>&lt;strong>Engineer — Plan:&lt;/strong> Public PoC exists for a guest-to-host VM escape in KVM/x86, meaning any Linux host running KVM hypervisors is potentially exposed; patch your kernel to a fixed version once available and audit whether untrusted VMs run on shared KVM hosts.&lt;/li>
&lt;li>&lt;strong>SOC/IR — Learn:&lt;/strong> No active exploitation or IOCs reported yet; monitor for exploitation activity targeting KVM hosts, but no detection work is actionable until TTPs or exploitation patterns emerge.&lt;/li>
&lt;li>&lt;strong>Leader — Skip&lt;/strong>&lt;/li>
&lt;li>&lt;strong>Signals:&lt;/strong> CVE-2026-53359 — CISA KEV: not listed, EPSS 0.00, public PoC on GitHub&lt;/li>
&lt;/ul></description></item></channel></rss>