Search CVE reports


Toggle filters

1 – 10 of 262 results


CVE-2026-59858

Medium priority
Needs evaluation

Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or typename: extension field of a tags entry, without escaping, into a...

1 affected package

vim

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
vim Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-59857

Medium priority
Needs evaluation

Vim is an open source, command line text editor. Prior to 9.2.0725, the single-byte branch of spell_soundfold_sal() in src/spell.c translates a word through a spell file's SAL sound-folding rules into a caller-owned result buffer,...

1 affected package

vim

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
vim Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-59856

Medium priority
Needs evaluation

Vim is an open source, command line text editor. Prior to 9.2.0736, the PHP omni-completion script in runtime/autoload/phpcomplete.vim interpolates a class or trait name, taken from the contents of the edited buffer, into...

1 affected package

vim

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
vim Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-57456

Medium priority
Fixed

Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion (runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim) executes reconstructed function and class definitions from...

1 affected package

vim

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
vim Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2026-57455

Medium priority
Fixed

Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spell_soundfold_sofo() in src/spell.c translates a word through a spell file's SOFO (sound-folding) byte map into a caller-owned result...

1 affected package

vim

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
vim Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2026-57454

Medium priority
Not affected

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or...

1 affected package

vim

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
vim Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2026-57453

Medium priority
Fixed

Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse, read, extract, update or delete entries in a zip archive, it builds...

1 affected package

vim

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
vim Fixed Not affected Not affected Not affected Not affected
Show less packages

CVE-2026-57452

Medium priority
Fixed

Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (xchacha20poly1305, requires the +sodium feature) whose body is shorter than a single...

1 affected package

vim

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
vim Fixed Fixed Fixed Not affected Not affected
Show less packages

CVE-2026-57451

Medium priority
Not affected

Vim is an open source, command line text editor. Prior to 9.2.0670, get_text_props() in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textprop_T entries that...

1 affected package

vim

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
vim Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2026-55895

Medium priority
Fixed

Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile() in the netrw plugin (runtime/pack/dist/opt/netrw/autoload/netrw.vim) when deleting a local...

1 affected package

vim

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
vim Fixed Fixed Fixed Fixed Fixed
Show less packages