Tag

Hypervisor

4 briefs RSS

Multiple Xen Hypervisor Vulnerabilities Leading to Privilege Escalation, DoS, and Data Confidentiality Compromise

Multiple vulnerabilities, including CVE-2025-10263, CVE-2026-42487, CVE-2026-42488, CVE-2026-42489, and CVE-2026-42490, have been discovered in Xen, allowing an attacker to achieve privilege escalation, trigger a remote denial of service, and compromise data confidentiality on vulnerable hypervisor instances.

Xen virtualization hypervisor vulnerability privilege-escalation denial-of-service data-exfiltration

3r 3t 1c 6d ago

high advisory

Xenstore Crash Vulnerability via Malicious Node Path Access (CVE-2026-23555)

2 rules 1 TTP

A guest VM issuing a Xenstore command with the node path '/local/domain/' can crash xenstored (CVE-2026-23555), or, if NDEBUG is defined, cause denial of service by consuming all CPU resources.

xen xenstore denial-of-service CVE-2026-23555 hypervisor vulnerability linux

2r 1t Mar 23, 2026

critical threat

QEMU Hypervisor Escape via virtio-snd 0-Day

2 rules 2 TTPs

An unpatched vulnerability in QEMU's virtio-snd component allows for a hypervisor escape due to an uncontrolled heap overflow.

virtualization hypervisor qemu virtio-snd heap overflow hypervisor escape

2r 2t Mar 19, 2026

high advisory

ESXi Encryption Settings Modification

2 rules

Detection of modifications to ESXi host encryption settings, such as disabling secure boot or executable verification, which may indicate attempts to weaken hypervisor integrity and allow unauthorized code execution.

ESXi +3 encryption vmware hypervisor attack.persistence

2r Jan 3, 2024