ROOT-OS-DEBIAN-11-CVE-2026-39881 CVE-2026-39881 in rootio-vim - Patched by Root

Root has patched CVE-2026-39881 in the rootio-vim package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2026-39881 CVE-2026-39881 in rootio-vim - Patched by Root

Root has patched CVE-2026-39881 in the rootio-vim package for Root:Debian:12. Multiple fixed versions available...

Security update for vim

This update for vim fixes the following issues CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes bsc1261833. CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim...

Security update for vim (important)

openSUSE security update: security update for vim ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20828-1 Rating: important References: bsc1261833 bsc1262395 bsc1264706 bsc1264707 bsc1264708 bsc1265349 bsc1265360 Cross-References: CVE-2026-39881...

Security update for vim

This update for vim fixes the following issue: Security fixes: CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes bsc1261833. Other fixes: Update to 9.2.0398. 9.2.0398: MS-Windows: missing strptime support 9.2.0397: tabpanel: double-click opens a n...

SUSE-SU-2026:1764-1 Security update for vim

This update for vim fixes the following issue: Security fixes: - CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes bsc1261833. Other fixes: - Update to 9.2.0398. 9.2.0398: MS-Windows: missing strptime support 9.2.0397: tabpanel: double-click opens...

CLSA-2026-1778021665 vim: Fix of CVE-2026-39881

CVE-2026-39881: fix netbeans defineAnnoType command injection by validating typeName, fg and bg against an allowlist before passing them to coloncmd; also restrict specialKeys tokens to alphanumeric characters to prevent map command injection...

Fedora 42 : vim (2026-11d7d4d8f3)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-11d7d4d8f3 advisory. Security fix for CVE-2026-39881 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

CLSA-2026-1778020398 vim: Fix of CVE-2026-39881

CVE-2026-39881: fix netbeans defineAnnoType command injection by validating typeName, fg and bg against an allowlist before passing them to coloncmd; also restrict specialKeys tokens to alphanumeric characters to prevent map command injection...

CLSA-2026-1777567716 vim: Fix of CVE-2026-39881

CVE-2026-39881: fix command injection in netbeans interface by validating defineAnnoType typeName/fg/bg and specialKeys tokens against an allowlist of safe characters before interpolating them into Ex commands...

Fedora 44 : vim (2026-3954a4ed07)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3954a4ed07 advisory. Security fix for CVE-2026-39881 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

SUSE-SU-2026:21414-1 Security update for vim

This update for vim fixes the following issue: Update to version 9.2.0398. Security issues fixed: - CVE-2026-39881: missing sanitization in defineAnnoType and specialKeys can lead to arbitrary Ex command injection via a malicious NetBeans server bsc1261833...

Fedora 43 : vim (2026-755c51e6a0)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-755c51e6a0 advisory. Security fix for CVE-2026-39881 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

OESA-2026-2004 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

BELL-CVE-2026-39881

Bulletin has no description...

CVE-2026-39881

A flaw was found in Vim. A command injection vulnerability in Vim's NetBeans interface allows a malicious NetBeans server to execute arbitrary Ex commands when Vim connects to it. This occurs due to unsanitized strings in the defineAnnoType and specialKeys protocol messages, leading to arbitrary...

CVE-2026-39881

Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in the defineAnnoType and specialKeys protocol...

CVE-2024-39881

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process...

CVE-2025-39881 affecting package kernel for versions less than 6.6.112.1-1

CVE-2025-39881 affecting package kernel for versions less than 6.6.112.1-1. A patched version of the package is available...

EUVD-2025-39881

Malicious code in dono-ketan60-riris npm...