Lucene search
K

22 matches found

RedHat Linux
RedHat Linux
added 2026/07/01 7:58 p.m.7 views

vim: arbitrary command execution via modeline sandbox bypass

A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file. However, the complete, guitabtooltip, printheader options and the mapset function lack proper security checks, allowing an attacker to bypass restrictions and cause arbitrary OS command execution...

8.2CVSS7AI score0.0047EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/01 7:34 p.m.5 views

vim: arbitrary command execution via modeline sandbox bypass

A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file. However, the complete, guitabtooltip, printheader options and the mapset function lack proper security checks, allowing an attacker to bypass restrictions and cause arbitrary OS command execution...

8.2CVSS7.5AI score0.0047EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/30 10:38 a.m.5 views

vim: arbitrary command execution via modeline sandbox bypass

A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file. However, the complete, guitabtooltip, printheader options and the mapset function lack proper security checks, allowing an attacker to bypass restrictions and cause arbitrary OS command execution...

8.2CVSS5.9AI score0.0047EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/29 7:52 a.m.6 views

vim: arbitrary command execution via modeline sandbox bypass

A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file. However, the complete, guitabtooltip, printheader options and the mapset function lack proper security checks, allowing an attacker to bypass restrictions and cause arbitrary OS command execution...

8.2CVSS6.8AI score0.0047EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/22 10:23 p.m.12 views

vim: arbitrary command execution via modeline sandbox bypass

A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file. However, the complete, guitabtooltip, printheader options and the mapset function lack proper security checks, allowing an attacker to bypass restrictions and cause arbitrary OS command execution...

8.2CVSS6.4AI score0.0047EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/19 1:40 p.m.13 views

vim: arbitrary command execution via modeline sandbox bypass

A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file. However, the complete, guitabtooltip, printheader options and the mapset function lack proper security checks, allowing an attacker to bypass restrictions and cause arbitrary OS command execution...

8.2CVSS6.3AI score0.0047EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.7 views

MiracleLinux 9 : vim-8.2.2637-23.el9_7.3.ML.1 (AXSA:2026-514:09)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-514:09 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the MiracleLin...

8.2CVSS6.4AI score0.0047EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/29 8:26 a.m.12 views

vim: arbitrary command execution via modeline sandbox bypass

A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file. However, the complete, guitabtooltip, printheader options and the mapset function lack proper security checks, allowing an attacker to bypass restrictions and cause arbitrary OS command execution...

8.2CVSS6AI score0.0047EPSS
Exploits0References8
OSV
OSV
added 2026/04/17 1:0 p.m.15 views

OESA-2026-1922 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

8.2CVSS6AI score0.0047EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/04/08 8:1 a.m.6 views

Vim modeline bypass via various options affects Vim < 9.2.0276

...

8.2CVSS6AI score0.0047EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/06 7:47 p.m.5 views

CVE-2026-34982

A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file. However, the complete, guitabtooltip, printheader options and the mapset function lack proper security checks, allowing an attacker to bypass restrictions and cause arbitrary OS command execution...

8.2CVSS6.2AI score0.0047EPSS
Exploits0References7
NVD
NVD
added 2026/04/06 4:16 p.m.4 views

CVE-2026-34982

Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete, guitabtooltip and printheader options are missing the PMLE flag, allowing a modeline to be executed...

8.2CVSS0.0047EPSS
Exploits0References28
OSV
OSV
added 2026/04/06 4:16 p.m.5 views

UBUNTU-CVE-2026-34982

Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete, guitabtooltip and printheader options are missing the PMLE flag, allowing a modeline to be executed...

8.2CVSS6.3AI score0.0047EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/04/06 3:16 p.m.5 views

CVE-2026-34982

Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete, guitabtooltip and printheader options are missing the PMLE flag, allowing a modeline to be executed...

8.2CVSS6.1AI score0.0047EPSS
Exploits0
CVE
CVE
added 2026/04/06 3:16 p.m.190 views

CVE-2026-34982

CVE-2026-34982 is a Vim modeline sandbox bypass. Prior to Vim 9.2.0276, a crafted file can trigger arbitrary OS command execution due to a modeline vulnerability. The issue arises because the complete, guitabtooltip and printheader options miss the P_MLE flag, allowing a modeline to be executed, ...

8.2CVSS6.3AI score0.0047EPSS
Exploits0References28Affected Software1
AlpineLinux
AlpineLinux
added 2026/04/06 3:16 p.m.6 views

CVE-2026-34982

Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete, guitabtooltip and printheader options are missing the PMLE flag, allowing a modeline to be executed...

8.2CVSS6.3AI score0.0047EPSS
Exploits0References28
OSV
OSV
added 2026/04/06 3:16 p.m.1 views

CVE-2026-34982 Vim modeline bypass via various options affects Vim < 9.2.0276

Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete, guitabtooltip and printheader options are missing the PMLE flag, allowing a modeline to be executed...

8.2CVSS7AI score0.0047EPSS
Exploits0References30
Cvelist
Cvelist
added 2026/04/06 3:16 p.m.41 views

CVE-2026-34982 Vim modeline bypass via various options affects Vim < 9.2.0276

Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete, guitabtooltip and printheader options are missing the PMLE flag, allowing a modeline to be executed...

8.2CVSS0.0047EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.8 views

Vim < 9.2.0276 OS Command Injection (GHSA-8h6p-m6gr-mpw9)

The version of Vim installed on the remote host is prior to 9.2.0276. It is, therefore, affected by a vulnerability as referenced in the GHSA-8h6p-m6gr-mpw9 advisory. - A modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete,...

8.2CVSS6.5AI score0.0047EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2020/09/25 12:0 a.m.6 views

getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline as demonstrated by execute in Vim and assert_fails or nvim_input in Neovim.

...

9.3CVSS9.6AI score0.19111EPSS
Exploits5
Rows per page
Query Builder