Lucene search
K

9 matches found

ATTACKERKB
ATTACKERKB
added last week7 views

CVE-2026-59858

Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or typename: extension field of a tags entry, without escaping, into a :vimgrep pattern that is run through :execute. Because :vimgrep honor...

8.4CVSS6AI score0.00137EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/25 3:31 p.m.3 views

CVE-2026-55895 Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename

Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when deleting a local file from the browser. A filename derived from the buffer's directory...

8.4CVSS6.2AI score0.00154EPSS
Exploits0References5
OSV
OSV
added 2026/04/28 2:32 p.m.4 views

SUSE-SU-2026:21414-1 Security update for vim

This update for vim fixes the following issue: Update to version 9.2.0398. Security issues fixed: - CVE-2026-39881: missing sanitization in defineAnnoType and specialKeys can lead to arbitrary Ex command injection via a malicious NetBeans server bsc1261833...

7.8CVSS5.9AI score0.0062EPSS
Exploits0References3
OSV
OSV
added 2026/04/08 9:17 p.m.4 views

UBUNTU-CVE-2026-39881

Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in the defineAnnoType and specialKeys protocol...

7.8CVSS6.1AI score0.0062EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/08 8:18 p.m.27 views

CVE-2026-39881 Vim Ex command injection in Vims NetBeans integration

Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in the defineAnnoType and specialKeys protocol...

5CVSS0.0062EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/04/08 8:18 p.m.5 views

CVE-2026-39881

Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in the defineAnnoType and specialKeys protocol...

7.8CVSS5.8AI score0.0062EPSS
Exploits0
OSV
OSV
added 2026/04/08 8:18 p.m.1 views

CVE-2026-39881 Vim Ex command injection in Vims NetBeans integration

Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in the defineAnnoType and specialKeys protocol...

5CVSS7.4AI score0.0062EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/04/08 12:0 a.m.11 views

CVE-2026-39881

Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in the defineAnnoType and specialKeys protocol...

7.8CVSS6.1AI score0.0062EPSS
Exploits0References4
Mageia
Mageia
added 2023/11/09 11:37 p.m.52 views

Updated vim packages fix a security vulnerability

The updated packages fix a security vulnerability: Integer overflow in :history Ex-Command in Vim 9.0.2068...

5.5CVSS7.6AI score0.00366EPSS
Exploits1References2
Rows per page
Query Builder