66 matches found
Amazon Linux 2 : vim, --advisory ALAS2-2026-3368 (ALAS-2026-3368)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3368 advisory. Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Vim vulnerabilities (USN-8451-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8451-1 advisory. Srinivas Piskala Ganesh Babu discovered that Vim incorrectly handled...
USN-8451-1: Vim vulnerabilities
Srinivas Piskala Ganesh Babu discovered that Vim incorrectly handled directory names when serializing browsed paths to the netrw history file. An attacker could possibly use this issue to execute arbitrary code. CVE-2026-47162 It was discovered that Vim incorrectly handled step-definition pattern...
USN-8451-1 vim vulnerabilities
Srinivas Piskala Ganesh Babu discovered that Vim incorrectly handled directory names when serializing browsed paths to the netrw history file. An attacker could possibly use this issue to execute arbitrary code. CVE-2026-47162 It was discovered that Vim incorrectly handled step-definition pattern...
Vim < 9.2.0496 Code Injection (GHSA-4473-94jm-w5x9)
The version of Vim installed on the remote host is prior to 9.2.0496. It is, therefore, affected by a vulnerability as referenced in the GHSA-4473-94jm-w5x9 advisory. - A code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds...
SUSE CVE-2026-47167
Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...
Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex
...
CVE-2026-47167
Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...
UBUNTU-CVE-2026-47167
Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...
EUVD-2026-36280
Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...
CVE-2026-47167 Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex
Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...
CVE-2026-47167
Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...
CVE-2026-47167 Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex
Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...
CVE-2026-47167
Vim has a code injection vulnerability in the cucumber filetype plugin (runtime/ftplugin/cucumber.vim) affecting builds with +ruby support prior to version 9.2.0496. A crafted step-definition regex pulled from .rb files under features// or stories/ / directories is embedded into a Ruby Kernel.eva...
PT-2026-48707
Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0496 Description A code injection issue exists in the s:stepmatch function within the cucumber filetype plugin runtime/ftplugin/cucumber.vim for builds with +ruby support. Step-definition patterns read from .rb files ...
Linux Distros Unpatched Vulnerability : CVE-2026-47167
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin...
Vim 代码注入漏洞
Vim is an open-source, cross-platform text editor developed by Vim developers. Prior to Vim 9.2.0496, there was a code injection vulnerability in the plugin for the cucumber file type. This vulnerability stemmed from the s:stepmatch function in the plugin, which, in Vim builds that support Ruby,...
MGASA-2026-0167 Updated vim packages fix security vulnerabilities
Heap Buffer Overflow in spell file loading affects Vim 9.2.0450. CVE-2026-45130 Vimscript Code Injection in netrw NetrwMarkFile via crafted filename affects Vim 9.2.0480. CVE-2026-43961 Command Injection in tar.vim affects Vim 9.2.0479. CVE-2026-46483 Vimscript Code Injection in netrw...
Updated vim packages fix security vulnerabilities
Heap Buffer Overflow in spell file loading affects Vim 9.2.0450. CVE-2026-45130 Vimscript Code Injection in netrw NetrwMarkFile via crafted filename affects Vim 9.2.0480. CVE-2026-43961 Command Injection in tar.vim affects Vim 9.2.0479. CVE-2026-46483 Vimscript Code Injection in netrw...
org.webjars.npm:bazel__typescript (=1.7.0), org.webjars.npm:cesium (>=1.96.0 <=1.137.0) +13 more potentially affected by CVE-2026-44290 via org.webjars.npm:protobufjs (>=6.11.3 <=8.0.0)
org.webjars.npm:protobufjs MAVEN version =6.11.3, =1.96.0, =1.0.0, =1.0.0, =10.13.0, =4.7.0, =0.3.35, =1.6.1, =0.5.2, =0.7.15 - org.webjars.npm:tiktok-live-connector =1.0.2 Source cves: CVE-2026-44290 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16643420...