CVE-2026-48914: QEMU-KVM Heap Overflow in Azure
🔴 Critical | Source: Microsoft Security Response Center CVE-2026-48914 is a heap buffer overflow vulnerability in QEMU-KVM’s virtio-blk driver, specifically in how it handles SCSI requests. This type of flaw can potentially allow a malicious guest virtual machine to corrupt host memory, which in a cloud environment could lead to VM escape — one of the most severe hypervisor-level threats. Microsoft has published this advisory via the MSRC, indicating Azure infrastructure may be affected. ...