CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/05/04 12:0 a.m.•4 views

Oracle Linux 9 : vim (ELSA-2026-11510)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11510 advisory. - RHEL-155437 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin - RHEL-155422 CVE-2026-28421 vim: Vim: Denial of...

8.2CVSS6.4AI score0.00034EPSS

Exploits0References2

OSV•added 2026/05/01 6:44 p.m.•5 views

CLSA-2026-1777661044 vim: Fix of CVE-2026-33412

CVE-2026-33412: fix OS command injection via newline in glob by adding \n to SHELLSPECIAL in src/osunix.c so newlines are escaped before the pattern is passed to the user's shell...

7.3CVSS7.1AI score0.00009EPSS

Exploits0References1

CloudLinux•added 2026/04/29 7:6 a.m.•3 views

vim: Fix of CVE-2026-33412

CVE-2026-33412: fix command injection via newline character in glob on Unix-like systems by escaping '\n' in SHELLSPECIAL...

7.3CVSS6AI score0.00009EPSS

Oracle linux•added 2026/04/29 12:0 a.m.•6 views

vim security update

8.2.2637-23.0.1.el97.3 - Remove upstream references Orabug: 31197557 2:8.2.2637-23.3 - Resolves: RHEL-164965 vim: arbitrary command execution via modeline sandbox bypass 2:8.2.2637-23.2 - RHEL-155437 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin -...

8.2CVSS6.6AI score0.00034EPSS

Oracle linux•added 2026/04/28 12:0 a.m.•5 views

vim security update

9.1.083-6.0.1.el101.4 - Remove upstream references Orabug: 31197557 2:9.1.083-6.4 - Resolves: RHEL-164951 vim: arbitrary command execution via modeline sandbox bypass 2:9.1.083-6.3 - RHEL-159615 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob function 2:9.1.083-6.2...

8.2CVSS6.6AI score0.00034EPSS

Exploits1

Vulnrichment•added 2026/04/18 1:24 a.m.•0 views

CVE-2026-40489 editorconfig-core-c has incomplete fix for CVE-2023-0341

editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ecglob that allows an attacker to crash any application using libeditorconfig by providing a specially crafted directo...

8.6CVSS6.1AI score0.00018EPSS

Exploits0References3

Positive Technologies•added 2026/04/18 12:0 a.m.•1 views

PT-2026-33581

Name of the Vulnerable Software and Affected Versions editorconfig-core-c versions prior to 0.12.11 Description A stack-based buffer overflow exists in the ec glob function. An attacker can cause a crash in any application using libeditorconfig by providing a specially crafted directory structure...

8.6CVSS7.5AI score0.00018EPSS

Exploits0References23

Rockylinux•added 2026/04/16 12:1 p.m.•1 views

vim security update

An update is available for vim. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Vim Vi IMproved is an updated and improved version of the vi editor. Security...

OSV•added 2026/04/16 12:1 p.m.•1 views

RLSA-2026:8259 Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure via crafted swap file CVE-2026-28421 vim: Vim: Arbitrary code...

7.3CVSS6.4AI score0.00017EPSS

Tenable Nessus•added 2026/04/16 12:0 a.m.•1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: vim (UTSA-2026-007186)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007186 advisory. Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By...

7.3CVSS6.2AI score0.00009EPSS

OSV•added 2026/04/15 12:7 p.m.•3 views

RLSA-2026:7711 Important: vim security update

7.3CVSS6.4AI score0.00017EPSS

Rockylinux•added 2026/04/15 12:7 p.m.•1 views

vim security update

An update is available for vim. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Vim Vi IMproved is an updated and improved version of the vi editor. Security...

RedHat Linux•added 2026/04/15 7:35 a.m.•0 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

OSV•added 2026/04/15 12:0 a.m.•1 views

ALSA-2026:8259 Important: vim security update

Tenable Nessus•added 2026/04/15 12:0 a.m.•7 views

Exploits0References8

AlmaLinux 10 : vim (ALSA-2026:7711)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7711 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure via...

AlmaLinux•added 2026/04/15 12:0 a.m.•4 views

Exploits0References5

Important: vim security update

7.8CVSS6.4AI score0.00017EPSS

Exploits0References8

Tenable Nessus•added 2026/04/15 12:0 a.m.•2 views

RockyLinux 10 : vim (RLSA-2026:7711)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7711 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure vi...