88 matches found
Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary: Multiple components with known vulnerabilities were addressed in IBM QRadar SIEM 7.5.0 UP15 IF03. Vulnerability Details: CVEID: CVE-2026-28417. DESCRIPTION: Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the netrw...
K000160853: Multiple Vim vulnerabilities
Security Advisory Description: CVE-2026-28417: Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the scp:// protocol handler), an...
vim: Vim: Denial of service and information disclosure via crafted swap file
A flaw was found in Vim. This vulnerability, a heap-buffer-overflow and a segmentation fault, exists in the swap file recovery logic. A local attacker could exploit this by providing a specially crafted swap file. This could lead to a denial of service (DoS) or potentially information disclosure...
Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2026-1539)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1539 advisory. Vim is an open source, command line text editor. In versions prior to 9.2.0077, a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused b...
Medium: vim
Issue Overview: Vim is an open source, command line text editor. In versions prior to 9.2.0077, a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.007...
CLSA-2026-1774525825 vim: Fix of 2 CVEs
CVE-2026-28417: fix OS command injection in netrw plugin via crafted scp:// URIs by adding strict RFC1123 hostname validation and using shellescape for hostname and port values. - CVE-2026-28421: fix heap-buffer-overflow and SEGV in swap file recovery by adding bounds checks on pe_page_count,...
CLSA-2026-1774346288 vim: Fix of 2 CVEs
CVE-2026-28417: fix OS command injection via shell metacharacters in netrw URI hostname and port - CVE-2026-28421: fix heap-buffer-overflow and SEGV in swap file recovery due to unvalidated pointer block fields...
CLSA-2026-1774345469 vim: Fix of 2 CVEs
CVE-2026-28417: fix OS command injection via shell metacharacters in netrw URI hostname and port - CVE-2026-28421: fix heap-buffer-overflow and SEGV in swap file recovery due to unvalidated pointer block fields...
CLSA-2026-1774344754 vim: Fix of 2 CVEs
CVE-2026-28417: fix OS command injection in netrw plugin via crafted scp:// URIs by adding strict RFC1123 hostname validation and using shellescape for hostname and port values. - CVE-2026-28421: fix heap-buffer-overflow and SEGV in swap file recovery by adding bounds checks on pe_page_count,...
TencentOS Server 4: vim (TSSA-2026:0178)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0178 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
USN-8101-1 vim vulnerabilities
Rahul Hoysala discovered that Vim did not correctly handle certain tag resolutions. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-25749) It was discovered that Vim did not correctly handle processing certain specialKey commands. An attacker could possibly use thi...
MGASA-2026-0049 Updated vim packages fix security vulnerabilities
OS Command Injection in netrw affects Vim 9.2.0073. (CVE-2026-28417) Heap-based Buffer Overflow in Emacs tags parsing affects Vim 9.2.0074. (CVE-2026-28418) Heap-based Buffer Underflow in Emacs tags parsing affects Vim 9.2.0075. (CVE-2026-28419) Heap-based Buffer Overflow and OOB Read in :terminal...
SUSE CVE-2026-28421
Vim is an open source, command line text editor. In versions prior to 9.2.0077, a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issu...
ALPINE-CVE-2026-28421
Vim is an open source, command line text editor. In versions prior to 9.2.0077, a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issu...
CVE-2026-28421
Vim is an open source, command line text editor. In versions prior to 9.2.0077, a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issu...
AZL-78500 CVE-2026-28421 affecting package vim 9.1.1616-1
Vim is an open source, command line text editor. In versions prior to 9.2.0077, a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issu...
DEBIAN-CVE-2026-28421
Vim is an open source, command line text editor. In versions prior to 9.2.0077, a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issu...
UBUNTU-CVE-2026-28421
Vim is an open source, command line text editor. In versions prior to 9.2.0077, a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issu...