Lucene search
K

34 matches found

OSV
OSV
added 3 days ago4 views

OESA-2026-2863 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

8.8CVSS6.3AI score0.00303EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 6 days ago7 views

CVE-2026-57456

There is a security flaw in Vim. If you use Vim to open a malicious file written by a hacker, and you use the auto-complete feature while typing, the file can secretly force your computer to run unauthorized commands or malware. Mitigation To mitigate this vulnerability, users should avoid openin...

8.4CVSS6AI score0.00144EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-57456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion runtime/autoload/python3complete.vim and the legacy...

8.4CVSS6.2AI score0.00144EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 4:16 p.m.10 views

CVE-2026-57456

Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion...

8.4CVSS0.00144EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 3:16 p.m.10 views

EUVD-2026-39436

Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion...

8.4CVSS6.1AI score0.00144EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 3:16 p.m.23 views

CVE-2026-57456

Vim (prior to 9.2.0699) is vulnerable in its Python omni-completion: during reconstruction of function/class definitions, docstrings are inlined between triple quotes without escaping, allowing a hostile buffer to break out of the literal and execute attacker-controlled Python during omni-complet...

8.4CVSS6.1AI score0.00144EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:16 p.m.5 views

CVE-2026-57456

Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion...

8.4CVSS6.1AI score0.00144EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/25 3:16 p.m.38 views

CVE-2026-57456 Vim: Arbitrary Code Execution via Python Omni-Completion Docstrings

Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion...

8.4CVSS0.00144EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/25 3:16 p.m.11 views

CVE-2026-57456

Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion...

8.4CVSS6.1AI score0.00144EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.8 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Vim vulnerabilities (USN-8451-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8451-1 advisory. Srinivas Piskala Ganesh Babu discovered that Vim incorrectly handled...

8.8CVSS6.2AI score0.00303EPSS
Exploits0References6
OSV
OSV
added 2026/06/18 4:5 p.m.8 views

USN-8451-1 vim vulnerabilities

Srinivas Piskala Ganesh Babu discovered that Vim incorrectly handled directory names when serializing browsed paths to the netrw history file. An attacker could possibly use this issue to execute arbitrary code. CVE-2026-47162 It was discovered that Vim incorrectly handled step-definition pattern...

8.8CVSS6AI score0.00303EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/18 3:45 p.m.8 views

CVE-2026-52860

A flaw was found in Vim, an open-source command-line text editor. The Python omni-completion feature executes reconstructed function and class definitions from the current buffer. A remote attacker can exploit this by crafting a hostile buffer, leading to the execution of attacker-controlled Pyth...

8CVSS5.8AI score0.00224EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.6 views

Vim < 9.2.0561 Code Injection (GHSA-52mc-rq6p-rc7c)

The version of Vim installed on the remote host is prior to 9.2.0561. It is, therefore, affected by a vulnerability as referenced in the GHSA-52mc-rq6p-rc7c advisory. - The Python omni-completion script python3complete.vim for Vim with the +python3 interpreter enabled executes import and from...

7.8CVSS6.3AI score0.00201EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.10 views

Vim < 9.2.0597 Code Execution (GHSA-65p9-mwwx-7468)

The version of Vim installed on the remote host is prior to 9.2.0597. It is, therefore, affected by a vulnerability as referenced in the GHSA-65p9-mwwx-7468 advisory. - Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of...

8CVSS6.2AI score0.00224EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/06/13 8:1 a.m.17 views

Vim: Arbitrary Code Execution via Python Omni-Completion

...

7.8CVSS5.3AI score0.00201EPSS
Exploits0
OSV
OSV
added 2026/06/11 7:16 p.m.6 views

ALPINE-CVE-2026-52858

Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...

7.8CVSS5.5AI score0.00201EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 7:16 p.m.17 views

CVE-2026-52860

Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion dictionary. Python evaluates function default values, parameter...

8CVSS0.00224EPSS
Exploits0References7
OSV
OSV
added 2026/06/11 7:16 p.m.8 views

ALPINE-CVE-2026-52860

Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion dictionary. Python evaluates function default values, parameter...

7.8CVSS5.6AI score0.00224EPSS
Exploits0References1
OSV
OSV
added 2026/06/11 7:16 p.m.7 views

UBUNTU-CVE-2026-52860

Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion dictionary. Python evaluates function default values, parameter...

8CVSS5.6AI score0.00224EPSS
Exploits0References7
OSV
OSV
added 2026/06/11 7:16 p.m.10 views

UBUNTU-CVE-2026-52858

Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...

7.8CVSS5.5AI score0.00201EPSS
Exploits0References6
Rows per page
Query Builder