14 matches found
Moderate: Red Hat Security Advisory: vim security update
An update for vim is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
ALSA-2026:22711 Moderate: vim security update
Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass (CVE-2026-35177) For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...
ROS-20260524-73-0036
A vulnerability in the zip.vim plugin of the vim text editor is related to an incorrect restriction of the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...
CVE-2026-35177
Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives, circumventing the previous fix for CVE-2025-53906. This vulnerability is fixed in 9.2.0280...
EulerOS 2.0 SP10 : vim (EulerOS-SA-2025-2432)
According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow overwriting of...
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2025-2219)
The remote host is missing an update for the Huawei EulerOS...
EUVD-2025-21553
Malicious code in bioql PyPI...
AZL-65516 CVE-2025-53906 affecting package vim for versions less than 9.1.1552-1
Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successful...
CVE-2025-53906 Vim has path traversal issue with zip.vim and special crafted zip archives
Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successful...
CVE-2025-53906
Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successful...
Vim path traversal vulnerability
Vim is a cross-platform text editor from the Vim open source. A path traversal vulnerability exists in versions prior to Vim 9.1.1551, which stems from a path traversal issue in the zip.vim plugin that could lead to arbitrary file overwrites...
PT-2025-29686
Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.1.1551 Description Vim, an open-source command-line text editor, contains a path traversal issue within its zip.vim plugin. This issue allows overwriting of arbitrary files when opening specially crafted zip archives...
PT-2025-11214
Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.1.1198 Description: The issue concerns potential data loss when using Vim with the zip.vim plugin and specially crafted zip files. The impact is considered medium as it requires a user to view the malicious archive wit...
RHEL 5 : vim (RHSA-2008:0580)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:0580 advisory. - vim format string flaw (CVE-2007-2953) - vim: command execution via scripts not sanitizing inputs to execute and system (CVE-2008-2712) - Vim...