Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse — CVE-2026-27211

Summary

Advisory CVE-2026-27211. Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse Vendor: Microsoft. Source: MSRC. Threat: critical. CVSS 10. See the official advisory for details.

What to do

General, cautious steps (verify details in the official source):

• Prioritize patching or mitigation immediately (treat as actively risky).
• Identify affected product versions in your inventory and verify whether you are impacted.
• Apply vendor patches/updates or recommended mitigations as soon as available.
• Read the official advisory for exact affected versions and remediation steps.

Official advisory

Read the official source

Related advisories

• libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. CVE-2025-61144
• Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern CVE-2025-62878
• Kata Container to Guest micro VM privilege escalation CVE-2026-24834
• Azure SDK for Python Remote Code Execution Vulnerability CVE-2026-21531
• Azure Front Door Elevation of Privilege Vulnerability CVE-2026-24300
• libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. CVE-2025-61145
• libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c. CVE-2025-61143
• Malformed Valkey Cluster bus message can lead to Remote DoS CVE-2026-21863
• Valkey Affected by RESP Protocol Injection via Lua error_reply CVE-2025-67733
• wcurl path traversal with percent-encoded slashes CVE-2025-11563
• WordPress Oxygen theme <= 6.0.8 - Server Side Request Forgery (SSRF) vulnerability CVE-2025-69299
• bonding: annotate data-races around slave->last_rx CVE-2026-23212