Both vulnerabilities allow untrusted users to gain root privileges.

Januscape abuses KVM shadow MMU page reuse to panic x86 hosts, with Kim reporting a controlled full escape exploit behind the unreleased path.

A 16-year-old Linux KVM flaw (CVE-2026-53359) dubbed Januscape can allow attackers to escape virtual machines and execute code on Intel and AMD host systems.

Both vulnerabilities allow untrusted users to gain root privileges.