| Reporter | Title | Published | Views | Family All 701 |
|---|---|---|---|---|
| CVE-2026-28422 | 27 Feb 202622:08 | – | attackerkb | |
| CVE-2026-34982 | 6 Apr 202615:16 | – | attackerkb | |
| CVE-2026-28417 | 27 Feb 202621:54 | – | attackerkb | |
| CVE-2026-33412 | 24 Mar 202619:43 | – | attackerkb | |
| CVE-2026-28421 | 27 Feb 202622:06 | – | attackerkb | |
| CVE-2026-28420 | 27 Feb 202622:04 | – | attackerkb | |
| CVE-2026-35177 | 6 Apr 202617:54 | – | attackerkb | |
| CVE-2026-28418 | 27 Feb 202621:58 | – | attackerkb | |
| Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2026-1539) | 13 Apr 202600:00 | – | nessus | |
| Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2026-1584) | 13 Apr 202600:00 | – | nessus |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(323217);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/06/27");
script_cve_id(
"CVE-2026-28417",
"CVE-2026-28418",
"CVE-2026-28420",
"CVE-2026-28421",
"CVE-2026-28422",
"CVE-2026-33412",
"CVE-2026-34982",
"CVE-2026-35177",
"CVE-2026-39881"
);
script_name(english:"EulerOS 2.0 SP15 : vim (EulerOS-SA-2026-2472)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the
following vulnerabilities :
Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection
vulnerability exists in Vim's glob() function on Unix-like systems. By including a newline character (\n)
in a pattern passed to glob(), an attacker may be able to execute arbitrary shell commands. This
vulnerability depends on the user's 'shell' setting. This issue has been patched in version
9.2.0202.(CVE-2026-33412)
Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in
Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim
connects to it, via unsanitized strings in the defineAnnoType and specialKeys protocol messages. This
vulnerability is fixed in 9.2.0316.(CVE-2026-39881)
Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's
zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives,
circumventing the previous fix for CVE-2025-53906. This vulnerability is fixed in
9.2.0280.(CVE-2026-35177)
Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in
Vim allows arbitrary OS command execution when a user opens a crafted file. The `complete`,
`guitabtooltip` and `printheader` options are missing the `P_MLE` flag, allowing a modeline to be
executed. Additionally, the `mapset()` function lacks a `check_secure()` call, allowing it to be abused
from sandboxed expressions. Commit 9.2.0276 fixes the issue.(CVE-2026-34982)
Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow
and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated
fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the
issue.(CVE-2026-28421)
Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs
in `build_stl_str_hl()` when rendering a statusline with a multi-byte fill character on a very wide
terminal. Version 9.2.0078 patches the issue.(CVE-2026-28422)
Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow
out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags
file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundary. Version 9.2.0074
fixes the issue.(CVE-2026-28418)
Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection
vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted
URL (e.g., using the `scp://` protocol handler), an attacker can execute arbitrary shell commands with the
privileges of the Vim process. Version 9.2.0073 fixes the issue.(CVE-2026-28417)
Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow
WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining
characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue.(CVE-2026-28420)
Tenable has extracted the preceding description block directly from the EulerOS vim security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2026-2472
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?54340502");
script_set_attribute(attribute:"solution", value:
"Update the affected vim packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-39881");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2026/02/27");
script_set_attribute(attribute:"patch_publication_date", value:"2026/06/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/06/27");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:vim-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:vim-enhanced");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:vim-filesystem");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:vim-minimal");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release) || _release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (_release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP15");
var sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(15)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP15");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP15", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu && "x86" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "x86" >!< cpu) audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
var flag = 0;
var pkgs = [
"vim-common-9.0.2092-16.h21510.17.eulerosv2r15",
"vim-enhanced-9.0.2092-16.h21510.17.eulerosv2r15",
"vim-filesystem-9.0.2092-16.h21510.17.eulerosv2r15",
"vim-minimal-9.0.2092-16.h21510.17.eulerosv2r15"
];
foreach (var pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"15", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "vim");
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation