2026.06.19Privilege escalation to root in Lima QEMU guests via a world-writable agent socket (CVE-2026-53657)An unprivileged user inside a Lima QEMU guest could reach the root-owned guest-agent socket and run commands as root in the VM. Fixed in Lima v2.1.3.