Hacker News
by TheDong 1535 days ago
QubesOS inherently has a higher attack surface due to the features it's added to be more usable.

An AWS VM in the cloud I ssh into can't possibly snoop on another window I have open.

QubesOS, on the other hand, includes usability features like displaying graphical interfaces from VMs, clipboard sharing features, etc. etc. https://www.qubes-os.org/doc/gui/

These usability features increase attack surface, whether they're implemented on top of a Xen or KVM hypervisor.

My assumption for a local qemu setup is that the user wouldn't use things like 9p or display sharing, which I think means an attack surface smaller by enough to make a difference.