EUVD-2026-36282

Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...

CVE-2026-52858

Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...

PT-2026-48723

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0597 Description Python omni-completion in the text editor executes reconstructed function and class definitions from the current buffer using the exec function to populate the completion dictionary. Because Python...

PT-2026-48721

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0561 Description The Python omni-completion script in python3complete.vim for builds with the +python3 interpreter enabled and pythoncomplete.vim for builds with the +python interpreter executes import and from...

Vim 代码注入漏洞

Vim is an open-source, cross-platform text editor developed by Vim developers. Prior to Vim 9.2.0561, there was a code injection vulnerability. This vulnerability stemmed from the Python omni-completion script, which executed import and from statements in the current buffer through the Python...

Vim 代码注入漏洞

Vim is an open-source, cross-platform text editor developed by Vim developers. Prior to Vim 9.2.0597, there was a code injection vulnerability. This vulnerability stemmed from Python’s omni-completion feature, which used exec to execute function and class definitions reconstructed from the curren...

Linux Distros Unpatched Vulnerability : CVE-2026-52858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3...

Linux Distros Unpatched Vulnerability : CVE-2026-52860

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions...

PT-2026-48244

This update for xen fixes the following issues: - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. - CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953...

CVE-2026-49366

In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion...

CVE-2026-45350

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a vulnerability in chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access. In the chatcompletion API, t...

CVE-2026-44656

A flaw was found in Vim, an open-source command-line text editor. An attacker who controls the contents of a file can exploit an OS command injection vulnerability in Vim's :find command-line completion. This occurs when the path option, which can be set from a modeline, contains backtick-enclose...

JetBrains IntelliJ IDEA < 2026.1.1 Multiple Vulnerabilities

The version of JetBrains IntelliJ IDEA installed on the remote host is prior to 2026.1.1. It is, therefore, affected by multiple vulnerabilities: - In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion CVE-2026-49366 - In JetBrains IntelliJ IDEA before...

Linux Distros Unpatched Vulnerability : CVE-2026-46081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: acomp - fix wrong pointer stored by acompsavereq acompsavereq stores &req-chain in req-base.data. When acompreqchaindone is invoked on asynchronous...

goclaw 安全漏洞

Goclaw is an open-source multi-tenant AI smart agent platform developed by Next Level Builder. Versions of GoClaw 3.11.3 and earlier contain security vulnerabilities. These vulnerabilities stem from a flaw in the Team Task Completion Handler component, where the TeamTasksTool.executeComplete...

CVE-2026-49366

In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion...

CVE-2026-49366

In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion...

CVE-2026-49366

In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion...

EUVD-2026-33414

In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion...

CVE-2026-49366

CVE-2026-49366 affects JetBrains IntelliJ IDEA prior to 2026.1.1. The issue enables command injection via filename completion, with CVSSv3.1 base score 7.8 (HIGH) and user interaction required. The root cause is not detailed in the provided documents; affected component is IntelliJ IDEA’s filenam...