VYPR

rpm package

suse/vim&distro=SUSE Linux Micro 6.2

pkg:rpm/suse/vim&distro=SUSE%20Linux%20Micro%206.2

Vulnerabilities (6)

  • CVE-2026-34982HigApr 6, 2026
    affected < 9.2.0280-160000.1.1fixed 9.2.0280-160000.1.1

    Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The `complete`, `guitabtooltip` and `printheader` options are missing the `P_MLE` flag, allowing a

  • CVE-2026-34714CriMar 30, 2026
    affected < 9.2.0280-160000.1.1fixed 9.2.0280-160000.1.1

    Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE.

  • CVE-2026-33412Mar 24, 2026
    affected < 9.2.0280-160000.1.1fixed 9.2.0280-160000.1.1

    Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob() function on Unix-like systems. By including a newline character (\n) in a pattern passed to glob(), an attacker may be able to execute arbitrary sh

  • CVE-2026-28417Feb 27, 2026
    affected < 9.2.0110-160000.1.1fixed 9.2.0110-160000.1.1

    Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the `scp://` protocol handler), an attacker can execute

  • CVE-2026-26269Feb 13, 2026
    affected < 9.2.0110-160000.1.1fixed 9.2.0110-160000.1.1

    Vim is an open source, command line text editor. Prior to 9.1.2148, a stack buffer overflow vulnerability exists in Vim's NetBeans integration when processing the specialKeys command, affecting Vim builds that enable and use the NetBeans feature. The Stack buffer overflow exists

  • CVE-2025-53906MedJul 15, 2025
    affected < 9.2.0110-160000.1.1fixed 9.2.0110-160000.1.1

    Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. Ho