Moderate: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

CLSA-2026-1779271299 vim: Fix of 2 CVEs

CVE-2026-35177: fix path traversal in zip.vim — block .. components via simplify in zipWrite and zipExtract upstream vim 9.2.0280 + CVE-2025-53906 prereq combined...

CLSA-2026-1777943581 vim: Fix of 2 CVEs

CVE-2026-35177: fix path traversal bypass in zip.vim by using simplify to detect attacks that circumvent the previous regex-only check - CVE-2026-39881: fix command injection in netbeans interface via unsanitized defineAnnoType and specialKeys parameters...

CLSA-2026-1777889241 vim: Fix of 2 CVEs

CVE-2026-35177: fix path traversal bypass in zip.vim by using simplify to detect attacks that circumvent the previous regex-only check - CVE-2026-39881: fix command injection in netbeans interface via unsanitized defineAnnoType and specialKeys parameters...

Path traversal issue with zip.vim in Vim

...

EulerOS Virtualization 2.12.1 : vim (EulerOS-SA-2026-1469)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vims tar.vim plugin can allow...

EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2026-1202)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vims tar.vim plugin can allow...

EulerOS Virtualization 2.13.1 : vim (EulerOS-SA-2025-2568)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vims tar.vim plugin can allow...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.3.1.2)

The version of AOS installed on the remote host is prior to 7.3.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.3.1.2 advisory. - A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool...

EulerOS 2.0 SP12 : vim (EulerOS-SA-2025-2376)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vims tar.vim plugin can allow overwriting of...

Security Bulletin: IBM Financial Transaction Manager is impacted by multiple vulnerabilities in RedHat Proxy for Kubernetes RBAC authorization

Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2025-53905 DESCRIPTION: Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow...

Alibaba Cloud Linux 3 : 0160: vim (ALINUX3-SA-2025:0160)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0160 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-53905: Vim is an open source,...

EulerOS 2.0 SP11 : vim (EulerOS-SA-2025-2219)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vims zip.vim plugin can allow overwriting of...

Updated vim packages fix vulnerabilities

Path traversal issue with tar.vim and special crafted tar archives in Vim 9.1.1552. CVE-2025-53905 Path traversal issue with zip.vim and special crafted zip archives in Vim v9.1.1551. CVE-2025-53906...

Linux Distros Unpatched Vulnerability : CVE-2025-53906

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim's zip.vim plugin can allow overwriting of arbitrary...

OESA-2025-1945 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

Security update for vim

This update for vim fixes the following issues: CVE-2024-41965: Fixed improper neutralization of argument delimiters in zip.vim that could have led to data loss bsc1228776. CVE-2025-29768: Fixed double-free in dialogchanged bsc1239602. Patch Instructions: To install this SUSE update use the SUSE...

SUSE CVE-2025-29768

Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim...