83 matches found
CVE-2026-11487
A flaw was found in Neovim. A local user could exploit this vulnerability by manipulating the argument path in the M.read function within the runtime/lua/vim/secure.lua file. This can lead to command injection, allowing the attacker to execute arbitrary commands on the local system...
CVE-2026-11487
A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...
EUVD-2026-35018
A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...
CVE-2026-11487
A flaw has been found in Neovim up to 0.12.2. Affected by this issue i...
CVE-2026-11487
CVE-2026-11487 affects Neovim up to 0.12.2. The vulnerability resides in the M.read function of runtime/lua/vim/secure.lua (View Branch). Manipulation of the argument path can lead to local command injection. An exploit has been published and may be used locally. A patch identified by f83e0dcaf8c...
CVE-2026-11487
A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...
CVE-2026-11487 Neovim View Branch secure.lua M.read command injection
A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...
CVE-2026-11487 Neovim View Branch secure.lua M.read command injection
A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...
PT-2026-47249
A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...
NewStart CGSL MAIN 6.06 (SP) : vim Vulnerability (NS-SA-2026-0010)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has vim packages installed that are affected by a vulnerability: - getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated...
[SECURITY] Fedora 42 Update: helix-25.07.1-7.fc42
A Kakoune / Neovim inspired editor, written in Rust...
[SECURITY] Fedora 43 Update: helix-25.07.1-7.fc43
A Kakoune / Neovim inspired editor, written in Rust...
[SECURITY] Fedora 41 Update: helix-25.01.1-6.fc41
A Kakoune / Neovim inspired editor, written in Rust...
[SECURITY] Fedora 42 Update: neovim-0.10.4-3.fc42
Neovim is a refactor - and sometimes redactor - in the tradition of Vim, which itself derives from Stevie. It is not a rewrite, but a continuation and extension of Vim. Many rewrites, clones, emulators and imitators exist; some are very clever, but none are Vim. Neovim strives to be a superset of...
OPENSUSE-SU-2024:11081-1 neovim-0.5.1-1.1 on GA media
These are all security issues fixed in the neovim-0.5.1-1.1 package on the GA media of openSUSE Tumbleweed...
Fedora: Security Advisory for helix (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 39 Update: helix-24.03-3.fc39
A Kakoune / Neovim inspired editor, written in Rust...
Fedora: Security Advisory for helix (FEDORA-2024-ce2936b568)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: helix-24.03-3.fc40
A Kakoune / Neovim inspired editor, written in Rust...
Ubuntu 18.04 ESM : Neovim vulnerability (USN-4862-1)
The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4862-1 advisory. It was discovered that Neovim incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...