Qubes a "securtity focused" desktop operating system has been hit with a privilege escalation vulnerability inherited from the Xen hypervisor which holds the whole thing together. The entire security model of Qubes depends on using the Xen hypervisor to isolate all the things, but privilege escalation vulnerabilities happen to hypervisors. An update has been released to address this particular bug, but for actual security skip virtualizing and try physicalizing. Check those privileges.