Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added yesterday6 views

CVE-2026-55895

A flaw was found in Vim, specifically within the netrw plugin. A local user could exploit a Vimscript code injection vulnerability by attempting to delete a specially crafted local file from the browser. This crafted filename, containing a bar character, could be interpolated into an Ex command,...

8.4CVSS6.4AI score0.00154EPSS
Exploits0References6
Cvelist
Cvelist
added last week32 views

CVE-2026-55895 Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename

Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when deleting a local file from the browser. A filename derived from the buffer's directory...

8.4CVSS0.00154EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added last week8 views

CVE-2026-55895

Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when deleting a local file from the browser. A filename derived from the buffer's directory...

8.4CVSS6.2AI score0.00154EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.4 views

Amazon Linux 2 : vim, --advisory ALAS2-2026-3368 (ALAS-2026-3368)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3368 advisory. Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin...

8.8CVSS6.3AI score0.00224EPSS
Exploits0References10
NVD
NVD
added 2026/06/11 7:16 p.m.37 views

CVE-2026-47162

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

8.8CVSS0.00219EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/06/11 6:32 p.m.6 views

CVE-2026-47162

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

8.8CVSS5.8AI score0.00219EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/11 6:32 p.m.35 views

CVE-2026-47162 Vim: Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

7.3CVSS0.00219EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 6:32 p.m.7 views

CVE-2026-47162 Vim: Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

7.3CVSS5.8AI score0.00219EPSS
Exploits0References3
CVE
CVE
added 2026/06/11 6:32 p.m.45 views

CVE-2026-47162

Vim (with the netrw plugin) is affected by CVE-2026-47162 due to a Vimscript code injection in s:NetrwBookHistSave() when serializing directory paths to the history file ~/.vim/.netrwhist. A directory name from the filesystem can be interpolated into a single-quoted Vimscript string literal witho...

8.8CVSS5.9AI score0.00219EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/11 6:32 p.m.9 views

EUVD-2026-36281

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

7.3CVSS5.9AI score0.00219EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.14 views

PT-2026-48705

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0495 Description A Vimscript code injection exists in the s:NetrwBookHistSave function within the netrw plugin. The issue occurs when serializing browsed directory paths to the history file /.vim/.netrwhist. A directo...

8.8CVSS5.7AI score0.00219EPSS
Exploits0References17
OSV
OSV
added 2026/06/01 10:46 a.m.4 views

SUSE-SU-2026:21944-1 Security update for vim

This update for vim fixes the following issues - CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim bsc1264706. - CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile via crafted filename bsc1265349. -...

7CVSS6AI score0.00917EPSS
Exploits1References12
OSV
OSV
added 2026/05/28 12:13 p.m.6 views

SUSE-SU-2026:21840-1 Security update for vim

This update for vim fixes the following issues - CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes bsc1261833. - CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim...

7.8CVSS7.5AI score0.00917EPSS
Exploits1References14
Rows per page
Query Builder