Lucene search
K

436 matches found

EUVD
EUVD
added 2026/06/11 6:32 p.m.10 views

EUVD-2026-36282

Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...

7.3CVSS5.7AI score0.00201EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/11 6:32 p.m.8 views

CVE-2026-52858

Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...

7.8CVSS5.5AI score0.00201EPSS
Exploits0References3
CVE
CVE
added 2026/06/11 6:32 p.m.45 views

CVE-2026-52858

Vim before 9.2.0561 is vulnerable via Python omni-completion (python3complete.vim for +python3, and legacy pythoncomplete.vim for +python) where the current buffer’s sys.path allows importing and executing a sibling package’s top-level code when opening a hostile .py file. Root cause: omni-comple...

7.8CVSS5.7AI score0.00201EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/11 6:32 p.m.8 views

CVE-2026-47162

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

8.8CVSS5.9AI score0.00219EPSS
Exploits0
EUVD
EUVD
added 2026/06/11 6:31 p.m.10 views

EUVD-2026-36280

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...

5.1CVSS5.9AI score0.00135EPSS
Exploits0References3
CVE
CVE
added 2026/06/11 6:31 p.m.86 views

CVE-2026-47167

Vim has a code injection vulnerability in the cucumber filetype plugin (runtime/ftplugin/cucumber.vim) affecting builds with +ruby support prior to version 9.2.0496. A crafted step-definition regex pulled from .rb files under features// or stories/ / directories is embedded into a Ruby Kernel.eva...

5.3CVSS5.9AI score0.00135EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/11 6:31 p.m.7 views

CVE-2026-47167

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...

5.3CVSS5.9AI score0.00135EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.14 views

EulerOS Virtualization 2.12.1 : vim (EulerOS-SA-2026-2091)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style...

7.8CVSS7.3AI score0.01162EPSS
Exploits1References6
OSV
OSV
added 2026/06/05 12:4 p.m.9 views

RLSA-2026:22711 Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

4.1CVSS5.5AI score0.00126EPSS
Exploits0References2
OSV
OSV
added 2026/06/05 6:0 a.m.10 views

RLSA-2026:22730 Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

4.1CVSS5.5AI score0.00126EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/02 1:11 a.m.16 views

[SECURITY] Fedora 43 Update: vim-9.2.530-1.fc43

VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more...

7CVSS5.8AI score0.00552EPSS
Exploits0
OSV
OSV
added 2026/05/29 1:33 p.m.14 views

OESA-2026-2475 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7CVSS5.9AI score0.00552EPSS
Exploits0References2
OSV
OSV
added 2026/05/28 3:43 p.m.19 views

RLSA-2026:19224 Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

8.2CVSS6.2AI score0.0047EPSS
Exploits0References2
Redos
Redos
added 2026/05/24 12:0 a.m.17 views

ROS-20260524-73-0035

A vulnerability in the vim text editor is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability may allow an intruder to affect the integrity of protected information...

2.2CVSS5.9AI score0.00142EPSS
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.24 views

ROS-20260524-73-0036

A vulnerability in the zip.vim plugin of the vim text editor is related to an incorrect restriction of the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

7.1CVSS6.1AI score0.00126EPSS
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.21 views

ROS-20260524-73-0034

A vulnerability in the vim text editor is related to the failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands provided the user opens a specially generated file...

9.2CVSS6.5AI score0.00588EPSS
Exploits0
OSV
OSV
added 2026/05/23 12:28 a.m.8 views

CLSA-2026-1779496075 vim: Fix of CVE-2026-45130

CVE-2026-45130: fix heap buffer overflow in readcompound in src/spellfile.c...

6.6CVSS6AI score0.00248EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.7 views

Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2026-1667)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1667 advisory. Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is...

6.6CVSS5.8AI score0.00501EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/19 6:37 p.m.12 views

vim: arbitrary command execution via modeline sandbox bypass

A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file. However, the complete, guitabtooltip, printheader options and the mapset function lack proper security checks, allowing an attacker to bypass restrictions and cause arbitrary OS command execution...

8.2CVSS6.3AI score0.0047EPSS
Exploits0References8
OSV
OSV
added 2026/05/19 12:0 a.m.20 views

ALSA-2026:19073 Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

8.2CVSS6.5AI score0.0047EPSS
Exploits0References4
Rows per page
Query Builder