CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added yesterday•5 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

A flaw was found in Vim, an open-source command-line text editor. This command injection vulnerability occurs during tag file processing. A local user could craft a malicious tags file containing backtick syntax in the filename field. When Vim resolves a tag from this file, it executes the embedd...

Tenable Nessus•added 6 days ago•6 views

RHEL 8 : vim (RHSA-2026:28553)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28553 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Command injection allows arbitrary code execution via...

6.6CVSS6.6AI score0.00501EPSS

Tenable Nessus•added 6 days ago•6 views

RHEL 9 : vim (RHSA-2026:28209)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28209 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Command injection allows arbitrary code execution via...

6.6CVSS6.6AI score0.00501EPSS

RedHat Linux•added last week•10 views

Moderate: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

RedHat Linux•added last week•5 views

Moderate: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

RedHat Linux•added last week•4 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

RedHat Linux•added last week•4 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

RedHat Linux•added 2026/06/23 6:43 a.m.•4 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

8.2CVSS7AI score0.00552EPSS

RedHat Linux•added 2026/06/23 6:43 a.m.•5 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

AlmaLinux•added 2026/06/23 12:0 a.m.•3 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Command injection allows arbitrary code execution via malicious tag files CVE-2026-41411 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relate...

AlmaLinux•added 2026/06/23 12:0 a.m.•3 views

Exploits0References4

Moderate: vim security update

RedHat Linux•added 2026/06/22 10:23 p.m.•10 views

Exploits0References4

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

8.2CVSS7AI score0.00552EPSS

RedHat Linux•added 2026/06/22 10:23 p.m.•11 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

RedHat Linux•added 2026/06/22 9:53 p.m.•6 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

RedHat Linux•added 2026/06/22 9:53 p.m.•6 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

8.2CVSS7AI score0.00552EPSS

Tenable Nessus•added 2026/06/08 12:0 a.m.•8 views

TencentOS Server 4: vim (TSSA-2026:0300)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0300 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

6.6CVSS5.6AI score0.00501EPSS

RedhatCVE•added 2026/04/28 12:7 p.m.•7 views

CVE-2026-41411

7.3CVSS6.2AI score0.00501EPSS

Exploits0References6

Vulnrichment•added 2026/04/24 4:51 p.m.•5 views

CVE-2026-41411 Vim: Command injection via backtick expansion in tag filenames

Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is passed through wildcard expansion to resolve environment variables and wildcards. If the filena...

6.6CVSS5.3AI score0.00501EPSS

Exploits0References3

CNNVD•added 2026/04/24 12:0 a.m.•8 views

Vim 操作系统命令注入漏洞

Vim is an open-source cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.0357 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the use of wildcards when processing tag files, which could lead to command...

6.6CVSS5.8AI score0.00501EPSS