RockyLinux 10 : vim (RLSA-2026:19073)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19073 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the RockyLinux...

ROS-20260524-73-0029

Vulnerability in vim related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Astra Linux - уязвимость в xterm

xterm before 375 allows code execution via font ops. For example, an OSC 50 response may trigger Ctrl-g, thereby leading to command execution within the vi line-editing mode of Zsh. NOTE: Font ops are not allowed in the default configurations of xterm in some Linux distributions...

[SECURITY] Fedora 42 Update: vim-9.2.390-1.fc42

VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more...

Astra Linux - уязвимость в vim

Heap-based Buffer Overflow in the GitHub repository vim/vim before version 9.0.1376...

RHSA-2026:11509 Red Hat Security Advisory: vim security update

Bulletin has no description...

[SECURITY] Fedora 44 Update: vim-9.2.390-1.fc44

VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more...

CVE-2026-32864

There is a memory corruption vulnerability due to an out-of-bounds read in mgcoreSH253!alignedfree in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI file...

CVE-2026-32864

There is a memory corruption vulnerability due to an out-of-bounds read in mgcoreSH253!alignedfree in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI file...

CVE-2026-32864

CVE-2026-32864 affects NI LabVIEW (2026 Q1, 26.1.0 and earlier). The vulnerability is a memory corruption due to an out-of-bounds read in mgcore_SH_25_3!aligned_free(), potentially leading to information disclosure or arbitrary code execution. Exploitation requires the user to open a specially cr...

CVE-2026-32863 Out-of-Bounds Read in sentry_transaction_context_set_operation()

There is a memory corruption vulnerability due to an out-of-bounds read in sentrytransactioncontextsetoperation in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafte...

CVE-2026-32863

NI LabVIEW (2026 Q1 26.1.0 and earlier) contains a memory corruption vulnerability due to an out-of-bounds read in sentry_transaction_context_set_operation(). This may lead to information disclosure or arbitrary code execution. Exploitation requires a user to open a specially crafted VI file, ind...

CVE-2026-32862 Out-of-Bounds Write in ResFileFactory::InitResourceMgr()

There is a memory corruption vulnerability due to an out-of-bounds write in ResFileFactory::InitResourceMgr in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI...

vim: Vim: Arbitrary code execution via command injection in glob() function

A flaw was found in Vim. By including a newline character in a pattern passed to Vim's glob function, an attacker may be able to execute arbitrary shell commands. This command injection vulnerability allows for arbitrary code execution, depending on the user's shell settings...

PT-2026-31001

There is a memory corruption vulnerability due to an out-of-bounds read in sentry transaction context set operation in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially...

[SECURITY] Fedora 43 Update: vim-9.2.240-1.fc43

VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more...

[SECURITY] Fedora 44 Update: vim-9.2.148-1.fc44

VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more...

CVE-2026-1706

The All-in-One Video Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'vi' parameter in all versions up to, and including, 4.7.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

EUVD-2026-9388

The All-in-One Video Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'vi' parameter in all versions up to, and including, 4.7.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

CVE-2026-1706

The All-in-One Video Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'vi' parameter in all versions up to, and including, 4.7.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...