Lucene search
K

1199 matches found

Tenable Nessus
Tenable Nessus
added 4 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-59858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or...

8.4CVSS6.2AI score0.00137EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-59858

Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or typename: extension field of a tags entry, without escaping, into a :vimgrep pattern that is run through :execute. Because :vimgrep honor...

8.4CVSS6AI score0.00137EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.6 views

Vim < 9.2.0662 Stack Out-of-Bounds Write (GHSA-qm9w-fmpj-879h)

The version of Vim installed on the remote host is prior to 9.2.0662. It is, therefore, affected by a vulnerability. - The dumpprefixes function in src/spell.c walks a spell-file prefix trie iteratively with a depth counter while dumping the prefixes that apply to a word. The counter is bounded...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/30 10:38 a.m.12 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

A flaw was found in Vim, an open-source command-line text editor. This command injection vulnerability occurs during tag file processing. A local user could craft a malicious tags file containing backtick syntax in the filename field. When Vim resolves a tag from this file, it executes the embedd...

6.6CVSS6.4AI score0.00501EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-57456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion runtime/autoload/python3complete.vim and the legacy...

8.4CVSS6.2AI score0.00144EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-57452

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt04! or VimCrypt05! method xchacha20poly1305...

5.5CVSS6AI score0.0012EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-57451

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0670, gettextprops in src/textprop.c reads a uint16 property count stored inline after a line's te...

6.1CVSS6AI score0.00113EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-57455

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spellsoundfoldsofo in src/spell.c translates a word through a spel...

7.8CVSS6AI score0.0012EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-57454

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and...

6.8CVSS5.9AI score0.00119EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-55892

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0662, the dumpprefixes function in src/spell.c walks a spell-file prefix trie iteratively with a...

5.5CVSS6AI score0.00122EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-57453

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse,...

7.3CVSS6.2AI score0.00137EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/29 11:48 a.m.6 views

CVE-2026-47162

A flaw was found in Vim, an open-source text editor. This vulnerability, located in the netrw plugin, involves a code injection issue when the editor processes directory paths. A malicious directory name, if crafted by an attacker, could bypass security measures and allow for the execution of...

8.8CVSS6.4AI score0.00219EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 4:16 p.m.4 views

UBUNTU-CVE-2026-57456

Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion...

8.4CVSS6AI score0.00144EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/06/25 3:31 p.m.11 views

CVE-2026-55895

Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when deleting a local file from the browser. A filename derived from the buffer's directory...

8.4CVSS6.2AI score0.00154EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/25 3:31 p.m.6 views

CVE-2026-55895

Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when deleting a local file from the browser. A filename derived from the buffer's directory...

8.4CVSS6.2AI score0.00154EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 3:24 p.m.39 views

CVE-2026-57454 Vim: Out-of-bounds Read with Text Properties

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS0.00119EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/25 3:24 p.m.7 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/25 3:24 p.m.6 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS5.8AI score0.00119EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:24 p.m.5 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 3:22 p.m.5 views

CVE-2026-57455

Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spellsoundfoldsofo in src/spell.c translates a word through a spell file's SOFO sound-folding byte map into a caller-owned result buffer. Its copy loop advances the output index ri with no upper bound an...

7.8CVSS6.1AI score0.0012EPSS
Exploits0
Rows per page
Query Builder