Lucene search
K

226 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/08 10:40 p.m.8 views

CVE-2026-44656

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the pat...

4.6CVSS6AI score0.00917EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/08 10:40 p.m.42 views

CVE-2026-44656 Vim: OS Command Injection via 'path' completion

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the pat...

4.6CVSS0.00917EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/08 10:40 p.m.5 views

CVE-2026-44656

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the pat...

5.3CVSS6AI score0.00917EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-39222

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0450 Description A heap buffer overflow occurs in the read compound function within src/spellfile.c when loading a specially crafted spell file .spl while UTF-8 encoding is active. An attacker-controlled length field ...

6.6CVSS6AI score0.00774EPSS
Exploits1References55
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.6 views

RockyLinux 10 : vim (RLSA-2026:11389)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:11389 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the RockyLinux...

8.2CVSS6.1AI score0.0047EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/05/01 12:6 p.m.7 views

vim security update

An update is available for vim. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Vim Vi IMproved is an updated and improved version of the vi editor. Security...

8.2CVSS6.2AI score0.0047EPSS
Exploits0
OSV
OSV
added 2026/05/01 12:6 p.m.6 views

RLSA-2026:11389 Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

8.2CVSS6.5AI score0.0047EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/04/30 6:0 p.m.11 views

vim security update

An update is available for vim. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Vim Vi IMproved is an updated and improved version of the vi editor. Security...

8.2CVSS6.5AI score0.0047EPSS
Exploits0
OSV
OSV
added 2026/04/30 6:0 p.m.9 views

RLSA-2026:11509 Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

8.2CVSS6.4AI score0.0047EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/04/30 12:3 p.m.8 views

vim security update

An update is available for vim. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Vim Vi IMproved is an updated and improved version of the vi editor. Security...

8.2CVSS6AI score0.0047EPSS
Exploits0
OSV
OSV
added 2026/04/30 12:3 p.m.5 views

RLSA-2026:11510 Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

8.2CVSS6.4AI score0.0047EPSS
Exploits0References2
Amazon
Amazon
added 2026/04/30 12:0 a.m.12 views

Important: vim

Issue Overview: A modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete, guitabtooltip and printheader options are missing the PMLE flag, allowing a modeline to be executed. Additionally, the mapset function lacks a checksecure call,...

8.2CVSS6.2AI score0.0047EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.13 views

Amazon Linux 2 : vim, --advisory ALAS2-2026-3251 (ALAS-2026-3251)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3251 advisory. A modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete, guitabtooltip and printheader options are missing the PMLE flag, allowing a modeline ...

8.2CVSS5.8AI score0.0047EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.7 views

RockyLinux 9 : vim (RLSA-2026:11510)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:11510 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the RockyLinux...

8.2CVSS6.4AI score0.0047EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.11 views

AlmaLinux 9 : vim (ALSA-2026:11510)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:11510 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the AlmaLinux...

8.2CVSS6.2AI score0.0047EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.7 views

MiracleLinux 9 : vim-8.2.2637-23.el9_7.3.ML.1 (AXSA:2026-514:09)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-514:09 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the MiracleLin...

8.2CVSS6.4AI score0.0047EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.6 views

AlmaLinux 8 : vim (ALSA-2026:11509)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:11509 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the AlmaLinux...

8.2CVSS6AI score0.0047EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.11 views

RockyLinux 8 : vim (RLSA-2026:11509)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:11509 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the RockyLinux...

8.2CVSS6.1AI score0.0047EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.8 views

AlmaLinux 10 : vim (ALSA-2026:11389)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:11389 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the AlmaLinux...

8.2CVSS6.2AI score0.0047EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.6 views

MiracleLinux 8 : vim-8.0.1763-22.el8_10.3.ML.1 (AXSA:2026-517:10)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-517:10 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the MiracleLin...

8.2CVSS6.4AI score0.0047EPSS
Exploits0References2
Rows per page
Query Builder