212 matches found

Tenable Nessus
added 2026/05/19 12:0 a.m., 8 views

RHEL 10 : vim (RHSA-2026:19073)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19073 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox bypass...

CVSS 8.2 | AI score 6.5 | EPSS 0.00039
Exploits 0 | References 4

OSV
added 2026/05/19 12:0 a.m., 4 views

ALSA-2026:19224 Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

CVSS 8.2 | AI score 6.2 | EPSS 0.00039
Exploits 0 | References 4

Tenable Nessus
added 2026/05/18 12:0 a.m., 6 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: vim (UTSA-2026-021495)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021495 advisory. Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens ...

CVSS 8.2 | AI score 6.5 | EPSS 0.00039
Exploits 0 | References 3

Tenable Nessus
added 2026/05/18 12:0 a.m., 10 views

Alibaba Cloud Linux 3 : 0107: vim (ALINUX3-SA-2026:0107)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0107 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-34982: Vim is an open source, command line...

CVSS 8.2 | AI score 6.1 | EPSS 0.00039
Exploits 0 | References 2

OSV
added 2026/05/15 4:26 p.m., 5 views

CLSA-2026-1778856286 vim: Fix of CVE-2026-34982

CVE-2026-34982: fix vim modeline sandbox bypass via complete/guitabtooltip/printheader options and mapset...

CVSS 8.2 | AI score 6 | EPSS 0.00039
Exploits 0 | References 1

OSV
added 2026/05/15 3:18 p.m., 4 views

CLSA-2026-1778858288 vim: Fix of CVE-2026-34982

CVE-2026-34982: fix vim modeline sandbox bypass via complete/guitabtooltip/printheader options and mapset...

CVSS 8.2 | AI score 6 | EPSS 0.00039
Exploits 0 | References 1

Tenable Nessus
added 2026/05/14 12:0 a.m., 4 views

Vim < 9.2.0435 OS Command Injection (GHSA-hwg5-3cxw-wvvg)

The version of Vim installed on the remote host is prior to 9.2.0435. It is, therefore, affected by a vulnerability as referenced in the GHSA-hwg5-3cxw-wvvg advisory. - Vim's :find command-line completion feature is affected by an OS command injection vulnerability. When the path option contains...

CVSS 5.3 | AI score 6 | EPSS 0.00066
Exploits 0 | References 2

SUSE CVE
added 2026/05/11 2:13 p.m., 5 views

SUSE CVE-2026-44656

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the pat...

CVSS 4.4 | AI score 6 | EPSS 0.00066
Exploits 0 | References 13

SUSE CVE
added 2026/05/11 2:13 p.m., 6 views

SUSE CVE-2026-45130

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound in src/spellfile.c when loading a crafted spell file .spl with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-b...

CVSS 6.6 | AI score 5.9 | EPSS 0.00004
Exploits 1 | References 13

Tenable Nessus
added 2026/05/09 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-44656

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion...

CVSS 5.3 | AI score 5.9 | EPSS 0.00066
Exploits 0 | References 3

OSV
added 2026/05/08 11:16 p.m., 2 views

ALPINE-CVE-2026-45130

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound in src/spellfile.c when loading a crafted spell file .spl with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-b...

CVSS 5.5 | AI score 5.9 | EPSS 0.00004
Exploits 1 | References 1

OSV
added 2026/05/08 11:16 p.m., 3 views

DEBIAN-CVE-2026-45130

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound in src/spellfile.c when loading a crafted spell file .spl with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-b...

CVSS 6.6 | AI score 5.9 | EPSS 0.00004
Exploits 1 | References 1

NVD
added 2026/05/08 11:16 p.m., 9 views

CVE-2026-44656

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the pat...

CVSS 5.3 | EPSS 0.00066
Exploits 0 | References 3

OSV
added 2026/05/08 11:16 p.m., 4 views

ALPINE-CVE-2026-44656

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the pat...

CVSS 5.3 | AI score 6 | EPSS 0.00066
Exploits 0 | References 1

OSV
added 2026/05/08 11:16 p.m., 2 views

DEBIAN-CVE-2026-44656

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the pat...

CVSS 5.3 | AI score 6 | EPSS 0.00066
Exploits 0 | References 1

OSV
added 2026/05/08 11:16 p.m., 4 views

UBUNTU-CVE-2026-44656

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the pat...

CVSS 5.3 | AI score 6 | EPSS 0.00066
Exploits 0 | References 6

UbuntuCve
added 2026/05/08 11:16 p.m., 6 views

CVE-2026-44656

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the pat...

CVSS 5.3 | AI score 6 | EPSS 0.00066
Exploits 0 | References 5

CVE
added 2026/05/08 10:42 p.m., 15 views

CVE-2026-45130

Vim: Heap buffer overflow in read_compound() (src/spellfile.c) prior to 9.2.0450 when loading a crafted, UTF-8 spell file (.spl). An attacker-controlled length in the spell file’s compound section overflows a 32-bit signed multiplication, causing a small heap buffer to be allocated for a write lo...

CVSS 6.6 | AI score 5.9 | EPSS 0.00004
Exploits 1 | References 4 | Affected Software 2

ATTACKERKB
added 2026/05/08 10:42 p.m., 6 views

CVE-2026-45130

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound in src/spellfile.c when loading a crafted spell file .spl with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-b...

CVSS 6.6 | AI score 5.9 | EPSS 0.00004
Exploits 1 | References 4 | Affected Software 1

Vulnrichment
added 2026/05/08 10:42 p.m., 4 views

CVE-2026-45130 Vim: Heap Buffer Overflow in spell file loading

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound in src/spellfile.c when loading a crafted spell file .spl with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-b...

CVSS 6.6 | AI score 5.9 | EPSS 0.00004
Exploits 1 | References 3