QEMU — Cyber Threats, Attacks & Incidents

Threat entity extracted from intelligence sources

Frequency
32
occurrences
First Seen
November 26, 2025
Last Seen
July 8, 2026

QEMU is a technology platform tracked across 21 threat clusters and 32 intelligence report mentions on ThreatCluster. First observed November 26, 2025; most recent activity July 8, 2026.

Related Threat Clusters

  • Critical Januscape Vulnerability in Linux KVM Exposes Cloud Servers to Attacks

    A critical vulnerability in Linux KVM, named Januscape (CVE-2026-53359), has been discovered after lying dormant for 16 years. This flaw allows attackers with root access in a guest virtual machine to escape to the host…

    22 articles · Updated July 7, 2026
  • Critical QEMU Vulnerabilities Affect Ubuntu Systems

    Multiple vulnerabilities in QEMU have been identified, impacting Ubuntu 25.10, 24.04 LTS, and 22.04 LTS. The issues include improper memory handling in the LSI53C895A SCSI Host Bus Adapter (CVE-2024-6519) and…

    2 articles · Updated April 10, 2026
  • Critical Privilege Escalation Vulnerabilities in Canonical LXD Discovered

    Three critical vulnerabilities (CVE-2026-34177, CVE-2026-34178, CVE-2026-34179) have been identified in Canonical LXD versions 4.12 through 6.7, allowing authenticated users to escalate privileges to cluster admin and…

    2 articles · Updated April 13, 2026
  • Critical Denial of Service Vulnerabilities in SUSE Linux QEMU

    SUSE Linux has released updates addressing multiple vulnerabilities in QEMU, affecting versions of SUSE Linux Micro 6.0 and 6.1. Key vulnerabilities include CVE-2025-14876, CVE-2026-0665, CVE-2026-2243, CVE-2026-3195,…

    6 articles · Updated June 2, 2026
  • DesckVB RAT Campaign Exploits Google DoubleClick for Malspam Delivery

    In May 2026, a malspam campaign utilizing the Google DoubleClick domain was identified, delivering the DesckVB remote access trojan (RAT). The attack begins with an HTML email attachment that redirects users through…

    6 articles · Updated June 3, 2026
  • Hackers Exploit QEMU VMs to Evade Detection and Deploy Ransomware

    Hackers are utilizing QEMU, an open-source virtual machine emulator, to create hidden Linux environments within Windows systems, effectively evading endpoint security tools. This method allows for long-term access,…

    8 articles · Updated April 17, 2026
  • Multiple QEMU Vulnerabilities Affecting Ubuntu Systems

    On June 9, 2026, Ubuntu announced several vulnerabilities in QEMU affecting versions 14.04 LTS to 20.04 LTS. The vulnerabilities include denial of service risks and potential arbitrary code execution due to improper…

    5 articles · Updated June 9, 2026
  • Vercel Breach Linked to Context AI Hack Exposes Customer Credentials

    On April 20, 2026, a breach at Vercel was reported, revealing limited customer credentials tied to a Context AI hack. The attack exploited vulnerabilities in Vercel's infrastructure, although specific attack vectors…

    2 articles · Updated April 20, 2026
  • Critical EDK II Vulnerabilities Affect Ubuntu 22.04 and 24.04 LTS

    EDK II in Ubuntu 22.04 LTS and 24.04 LTS has critical vulnerabilities, including a predictable TCP Initial Sequence Number that could allow unauthorized access. Additionally, improper handling of S3 sleep could lead to…

    3 articles · Updated November 26, 2025
  • Multiple CVEs Addressed in SCSI and QEMU Components

    On February 18, 2026, Microsoft published information on several CVEs affecting SCSI and QEMU components. These vulnerabilities include potential memory corruption in qla2xxx (CVE-2024-42288), a kernel oops issue in…

    9 articles · Updated February 18, 2026

Recent Intelligence Reports

  • Januscape Flaw in Linux KVM’s MMU Code Enables VM Escape on Intel and AMD — Thecyberexpress · July 8, 2026
  • Critical Linux KVM bug lets hackers take over servers for 16 years — Cybernews · July 7, 2026
  • Kali Linux 2026.2: Nine New Tools, 3x Faster VM Boots, and a Kernel Security Tradeoff — Techtimes · July 1, 2026
  • Kali Linux 2026.2 released with 9 new tools, NetHunter updates — Bleepingcomputer · June 30, 2026
  • Beyond Fable: Can a Local LLM Replace Cloud AI for Security Code Reviews — srlabs.de · June 30, 2026
  • CVE-2026-53325: Critical Linux Kernel AMD64 AGP Driver Vulnerability Leads to ... — Rescana · June 29, 2026
  • Ubuntu 20.04 QEMU Critical Denial of Service Vuln USN-8412 — Linuxsecurity · June 9, 2026
  • USN-8412-1: QEMU vulnerabilities — Ubuntu · June 9, 2026

CVSS v3.1 Breakdown