CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/07 2:58 p.m.•5 views

USN-8246-1 vim vulnerabilities

Michał Majchrowicz discovered that Vim’s zip plugin could overwrite arbitrary files. An attacker could possibly use this issue to delete sensitive data or execute arbitrary code. This issue only affected Ubuntu 26.04 LTS. CVE-2026-35177 It was discovered that Vim’s netbeans interface did not...

7.8CVSS6.1AI score0.0062EPSS

Exploits0References4

Ubuntu•added 2026/05/07 2:58 p.m.•15 views

USN-8246-1: Vim vulnerabilities

7.8CVSS6.1AI score0.0062EPSS

Exploits0

CloudLinux•added 2026/05/05 9:18 p.m.•9 views

vim: Fix of CVE-2026-39881

CVE-2026-39881: fix command injection in netbeans interface by validating defineAnnoType typeName/fg/bg and specialKeys tokens against an allowlist of safe characters before interpolating them into Ex commands...

7.8CVSS5.8AI score0.0062EPSS

Exploits0

OSV•added 2026/05/05 9:18 p.m.•7 views

CLSA-2026-1777568566 vim: Fix of CVE-2026-39881

7.8CVSS5.8AI score0.0062EPSS

OSV•added 2026/05/05 1:13 a.m.•5 views

CLSA-2026-1777943581 vim: Fix of 2 CVEs

CVE-2026-35177: fix path traversal bypass in zip.vim by using simplify to detect attacks that circumvent the previous regex-only check - CVE-2026-39881: fix command injection in netbeans interface via unsanitized defineAnnoType and specialKeys parameters...

OSV•added 2026/05/05 12:47 a.m.•4 views

CLSA-2026-1777942049 Fix CVE(s): CVE-2026-39881

SECURITY UPDATE: fix command injection in netbeans interface via defineAnnoType validate typeName/fg/bg/specialKeys - debian/patches/CVE-2026-39881.patch: fix command injection in netbeans interface via defineAnnoType validate typeName/fg/bg/specialKeys - CVE-2026-39881...

OSV•added 2026/05/04 10:7 a.m.•6 views

CLSA-2026-1777889241 vim: Fix of 2 CVEs

7.8CVSS5.8AI score0.0062EPSS

OSV•added 2026/05/01 8:50 a.m.•3 views

CLSA-2026-1777625424 Fix CVE(s): CVE-2026-39881

SECURITY UPDATE: Command injection in netbeans interface - debian/patches/CVE-2026-39881.patch: add nbissafestring in src/netbeans.c and validate typeName, fg and bg in defineAnnoType and key tokens in specialkeys against an allowlist before they reach coloncmd/domap, preventing a malicious...

OSV•added 2026/04/30 4:48 p.m.•5 views

CLSA-2026-1777567716 vim: Fix of CVE-2026-39881

OSV•added 2026/04/29 11:30 a.m.•2 views

SUSE-SU-2026:21450-1 Security update for vim

This update for vim fixes the following issue: Update to version 9.2.0398. Security issues fixed: - CVE-2026-39881: missing sanitization in defineAnnoType and specialKeys can lead to arbitrary Ex command injection via a malicious NetBeans server bsc1261833...

Tenable Nessus•added 2026/04/29 12:0 a.m.•6 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : Vim vulnerabilities (USN-8213-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8213-1 advisory. Micha Majchrowicz discovered that Vim's zip plugin could overwrite arbitrary files. A...

7.8CVSS6.2AI score0.0062EPSS

OSV•added 2026/04/28 2:32 p.m.•2 views

SUSE-SU-2026:21414-1 Security update for vim

OSV•added 2026/04/27 8:30 p.m.•5 views

USN-8213-1 vim vulnerabilities

Michał Majchrowicz discovered that Vim's zip plugin could overwrite arbitrary files. An attacker could possibly use this issue to delete sensitive data or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10. CVE-2026-35177 It was discovered that Vim's netbeans...

Ubuntu•added 2026/04/27 8:30 p.m.•8 views

USN-8213-1: Vim vulnerabilities

7.8CVSS6AI score0.0062EPSS

Exploits0

OSV•added 2026/04/25 5:48 a.m.•4 views

OESA-2026-2007 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...