Updated vim packages fix security vulnerabilities

Heap Buffer Overflow in spell file loading affects Vim 9.2.0450. CVE-2026-45130 Vimscript Code Injection in netrw NetrwMarkFile via crafted filename affects Vim 9.2.0480. CVE-2026-43961 Command Injection in tar.vim affects Vim 9.2.0479. CVE-2026-46483 Vimscript Code Injection in netrw...

Vim < 9.2.0383 OS Command Injection in netrw (GHSA-85ch-p2qr-m5gx)

The version of Vim installed on the remote host is prior to 9.2.0383. It is, therefore, affected by a vulnerability as referenced in the GHSA-85ch-p2qr-m5gx advisory. - An OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. The suffix extraction logic in...

OESA-2026-2448 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

OESA-2026-2447 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

RockyLinux 9 : vim (RLSA-2026:8259)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:8259 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure via...

MiracleLinux 8 : vim-8.0.1763-22.el8_10.1.ML.1 (AXSA:2026-423:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-423:06 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure...

RHEL 8 : vim (RHSA-2026:6915)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6915 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via OS command...

RHEL 8 : vim (RHSA-2026:6731)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6731 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via 'helpfile' optio...

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

RHEL 9 : vim (RHSA-2026:6619)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6619 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via 'helpfile' optio...

CLSA-2026-1774526052 Fix CVE(s): CVE-2026-28417, CVE-2026-28421

SECURITY UPDATE: Crash when recovering a corrupted swap file - debian/patches/CVE-2026-28421.patch: add bounds checks in swap file recovery to prevent heap-buffer-overflow and SEGV from crafted swap files - CVE-2026-28421 SECURITY UPDATE: Command injection via crafted netrw URIs -...