Moderate: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass

A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially crafted zip archive, which would allow a path traversal bypass. This vulnerability enables an attacker to overwrite arbitrary files on the system, potentially leading to data integrity issues or furth...

vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass

A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially crafted zip archive, which would allow a path traversal bypass. This vulnerability enables an attacker to overwrite arbitrary files on the system, potentially leading to data integrity issues or furth...

ALSA-2026:22711 Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

ROS-20260524-73-0036

A vulnerability in the zip.vim plugin of the vim text editor is related to an incorrect restriction of the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

CLSA-2026-1779271865 vim: Fix of 2 CVEs

CVE-2026-35177: fix path traversal in zip.vim — block .. components via simplify in zipWrite and zipExtract upstream vim 9.2.0280 + CVE-2025-53906 prereq combined...

CVE-2026-35177

A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially crafted zip archive, which would allow a path traversal bypass. This vulnerability enables an attacker to overwrite arbitrary files on the system, potentially leading to data integrity issues or furth...

UBUNTU-CVE-2026-35177

Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives, circumventing the previous fix for CVE-2025-53906. This vulnerability is fixed in 9.2.0280...

CVE-2026-35177

Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives, circumventing the previous fix for CVE-2025-53906. This vulnerability is fixed in 9.2.0280...

CVE-2026-35177

CVE-2026-35177 affects Vim with the zip.vim plugin prior to 9.2.0280. The issue is a path traversal bypass that can overwrite arbitrary files when opening crafted zip archives, circumventing the prior fix for CVE-2025-53906. The vulnerability is fixed in Vim 9.2.0280. Connected sources also note ...

CVE-2026-35177 Path traversal issue with zip.vim in Vim

Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives, circumventing the previous fix for CVE-2025-53906. This vulnerability is fixed in 9.2.0280...

Updated vim packages fix security vulnerabilities

Vim modeline bypass via various options affects Vim 9.2.0276. CVE-2026-34982 Path traversal issue with zip.vim in Vim v9.2.0280. CVE-2026-35177...

MGASA-2026-0083 Updated vim packages fix security vulnerabilities

Vim modeline bypass via various options affects Vim 9.2.0276. CVE-2026-34982 Path traversal issue with zip.vim in Vim v9.2.0280. CVE-2026-35177...

Vim 路径遍历漏洞

Vim is an open-source, cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.0280 contained a path traversal vulnerability. This vulnerability stemmed from a path traversal bypass issue in the zip.vim plugin, which could potentially overwrite any file when opening...

PT-2026-29691

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0280 Description A path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives. This circumvents a previous fix. Recommendations Update to version...

Unity Linux 20.1070e Security Update: vim (UTSA-2026-006145)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006145 advisory. Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a use...

Unity Linux 20.1070e Security Update: vim (UTSA-2026-006149)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006149 advisory. Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vims zip.vim plugin can allow overwriting of arbitrary files wh...

EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2026-1150)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vims tar.vim plugin can allow...

EulerOS 2.0 SP10 : vim (EulerOS-SA-2025-2432)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vims tar.vim plugin can allow overwriting of...