CLSA-2026-1779371406 vim: Fix of CVE-2026-42307

CVE-2026-42307: fix shell injection in netrw via the tempfile suffix when reading sftp:// or file:// URLs by escaping the tempfile and restricting the suffix regex to word characters...

CLSA-2026-1779183235 vim: Fix of 6 CVEs

CVE-2021-4069: copy mlgetcurline in exopen so a flushed line buffer is not used after vimregexec - CVE-2022-2000: truncate IObuff with "..." in appendcommand when remaining space is below threshold - CVE-2022-3099: guard docmdline breakpoint lookup with linesga.galen currentline check -...

CLSA-2026-1778856286 vim: Fix of CVE-2026-34982

CVE-2026-34982: fix vim modeline sandbox bypass via complete/guitabtooltip/printheader options and mapset...

CVE-2026-44656 affecting package vim for versions less than 9.2.0461-1

CVE-2026-44656 affecting package vim for versions less than 9.2.0461-1. An upgraded version of the package is available that resolves this issue...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: vim (UTSA-2026-016514)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016514 advisory. Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: vim (UTSA-2026-016507)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016507 advisory. Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check...

CLSA-2026-1777476716 vim: Fix of 8 CVEs

CVE-2021-4019: replace the unbounded STRCPY pair in findhelptags with vimsnprintf bounded by IOSIZE to prevent heap buffer overflow with long :help arguments starting with "%z@". - CVE-2021-4192: re-fetch regline/reginput via reggetline after getvvcol in regmatchvisual so the cached line pointer...

CLSA-2026-1777544441 vim: Fix of 13 CVEs

CVE-2021-3796: fix use-after-free in nvreplace by getting the line pointer again after inscopychar may have released it - CVE-2021-3973: fix heap buffer overflow in findfileinpathoption by rejecting len == 0 inputs - CVE-2022-0413: fix use-after-free in dosub when the substitute string is a "="...

CLSA-2026-1776953969 vim: Fix of CVE-2022-2889

CVE-2022-2889: fix use-after-free with multiple line breaks in Vim9 expression by deferring the free of evalarg-evaltofree...

ROOT-OS-ALPINE-319-CVE-2024-43374 CVE-2024-43374 in rootio-vim - Patched by Root

Root has patched CVE-2024-43374 in the rootio-vim package for Root:Alpine:3.19. Multiple fixed versions available...

ROOT-OS-ALPINE-318-CVE-2023-48235 CVE-2023-48235 in rootio-vim - Patched by Root

Root has patched CVE-2023-48235 in the rootio-vim package for Root:Alpine:3.18. Multiple fixed versions available...

Unity Linux 20.1070e Security Update: vim (UTSA-2026-006132)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006132 advisory. Vim is an open source, command line text editor. Prior to 9.1.2148, a stack buffer overflow vulnerability exists in Vim's NetBeans integration when processing the...

CLSA-2026-1773506143 vim: Fix of CVE-2026-26269

CVE-2026-26269: fix stack-based buffer overflow in NetBeans integration that could lead to a crash or arbitrary code execution via a malicious server...

OESA-2026-1499 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

OESA-2026-1498 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

CLSA-2026-1772622920 vim: Fix of CVE-2026-26269

CVE-2026-26269: fix buffer overflow in netbeans interface...

OESA-2026-1429 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

ROOT-OS-DEBIAN-12-CVE-2025-53906 CVE-2025-53906 in rootio-vim - Patched by Root

Root has patched CVE-2025-53906 in the rootio-vim package for Root:Debian:12. Multiple fixed versions available...

EUVD-2025-2654

Malicious code in bioql PyPI...

Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2025-1138)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1138 advisory. Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow overwriting of arbitrary files when opening specially craft...