A newly disclosed vulnerability in the Linux kernel, tracked as CVE-2026-53359 (Januscape), allows attackers to escape virtual machines (VMs) and execute code on the underlying host. This flaw affects the shadow MMU code in the Linux Kernel-based Virtual Machine (KVM) hypervisor and poses a significant risk to multi-tenant public cloud environments. Discovered by researcher Hyunwoo Kim, it enables unprivileged users on certain Linux distributions to escalate privileges to root.
Januscape was dormant for 16 years and was patched in mid-June 2026. Exploiting it can lead to denial-of-service or complete host compromise, potentially affecting all VMs on the same physical server.