HIGH
lima-vm
CVE published 2026-07-10
CVE-2026-53657
CVE-2026-53657 is a high-severity vulnerability in Lima, a tool for running Linux virtual machines on macOS. An arbitrary user in the VM could access the guest agent socket, potentially leading to privilege escalation. This issue is fixed in version 2.1.3. The vulnerability allows an arbitrary user in the VM to access the /run/lima-guestagent.sock when the guest agent is enabled, which could result in run [truncated]