vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass

A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially crafted zip archive, which would allow a path traversal bypass. This vulnerability enables an attacker to overwrite arbitrary files on the system, potentially leading to data integrity issues or furth...

RLSA-2026:22711 Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

vim security update

An update is available for vim. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Vim Vi IMproved is an updated and improved version of the vi editor. Security...

RockyLinux 10 : vim (RLSA-2026:22711)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22711 advisory. vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 Tenable has extracted the preceding description block direct...

AlmaLinux 8 : vim (ALSA-2026:22730)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:22730 advisory. vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 Tenable has extracted the preceding description block directly...

Moderate: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

AlmaLinux 10 : vim (ALSA-2026:22711)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:22711 advisory. vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 Tenable has extracted the preceding description block directl...

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

ALSA-2026:22730 Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

ALSA-2026:22711 Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

ROS-20260524-73-0036

A vulnerability in the zip.vim plugin of the vim text editor is related to an incorrect restriction of the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

CVE-2026-35177

Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives, circumventing the previous fix for CVE-2025-53906. This vulnerability is fixed in 9.2.0280...

EulerOS 2.0 SP10 : vim (EulerOS-SA-2025-2432)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vims tar.vim plugin can allow overwriting of...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2025-2219)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2025-21553

Malicious code in bioql PyPI...

AZL-65516 CVE-2025-53906 affecting package vim for versions less than 9.1.1552-1

Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successful...

CVE-2025-53906 Vim has path traversal issue with zip.vim and special crafted zip archives

Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successful...

CVE-2025-53906

Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successful...

Vim 路径遍历漏洞

Vim is a cross-platform text editor from the Vim open source. A path traversal vulnerability exists in versions prior to Vim 9.1.1551, which stems from a path traversal issue in the zip.vim plugin that could lead to arbitrary file overwrites...

PT-2025-29686

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.1.1551 Description Vim, an open-source command-line text editor, contains a path traversal issue within its zip.vim plugin. This issue allows overwriting of arbitrary files when opening specially crafted zip archives...