20 matches found
Vim: Arbitrary Code Execution via Python Omni-Completion
...
UBUNTU-CVE-2026-52858
Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...
UBUNTU-CVE-2026-52860
Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion dictionary. Python evaluates function default values, parameter...
ALPINE-CVE-2026-52860
Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion dictionary. Python evaluates function default values, parameter...
ALPINE-CVE-2026-52858
Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...
CVE-2026-52860
Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion dictionary. Python evaluates function default values, parameter...
CVE-2026-52860 Vim: Arbitrary Code Execution via Python Omni-Completion
Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion dictionary. Python evaluates function default values, parameter...
CVE-2026-52860
Vim before version 9.2.0597 is affected by a Python omni-completion vulnerability: reconstructed function and class definitions from the current buffer are executed via exec(), allowing attacker-controlled Python expressions to run during completion. This can impact confidentiality, integrity, an...
EUVD-2026-36285
Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion dictionary. Python evaluates function default values, parameter...
CVE-2026-52860 Vim: Arbitrary Code Execution via Python Omni-Completion
Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion dictionary. Python evaluates function default values, parameter...
CVE-2026-52860
Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion dictionary. Python evaluates function default values, parameter...
CVE-2026-52858 Vim: Arbitrary Code Execution via Python Omni-Completion
Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...
CVE-2026-52858
Vim before 9.2.0561 is vulnerable via Python omni-completion (python3complete.vim for +python3, and legacy pythoncomplete.vim for +python) where the current buffer’s sys.path allows importing and executing a sibling package’s top-level code when opening a hostile .py file. Root cause: omni-comple...
EUVD-2026-36282
Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...
CVE-2026-52858 Vim: Arbitrary Code Execution via Python Omni-Completion
Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...
CVE-2026-52858
Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...
Linux Distros Unpatched Vulnerability : CVE-2026-52858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3...
Linux Distros Unpatched Vulnerability : CVE-2026-52860
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions...
Vim code injection vulnerability
Vim is an open-source, cross-platform text editor developed by Vim developers. Prior to Vim 9.2.0561, there was a code injection vulnerability. This vulnerability stemmed from the Python omni-completion script, which executed import and from statements in the current buffer through the Python...
Vim code injection vulnerability
Vim is an open-source, cross-platform text editor developed by Vim developers. Prior to Vim 9.2.0597, there was a code injection vulnerability. This vulnerability stemmed from Python’s omni-completion feature, which used exec to execute function and class definitions reconstructed from the curren...