{"id":"MGASA-2026-0240","summary":"Updated vim packages fix security vulnerabilities","details":"The updated packages fix security vulnerabilities:\nArbitrary Code Execution via Python Omni-Completion in Vim \u003c 9.2.0561.\n(CVE-2026-52858)\nOut-of-bounds Read in Terminal Screen Snapshot in Vim \u003c 9.2.0565.\n(CVE-2026-52859)\nArbitrary Code Execution via Python Omni-Completion in Vim \u003c 9.2.0597.\n(CVE-2026-52860)\nOut-of-bounds Write in Spell File Word Count in Vim \u003c 9.2.0653.\n(CVE-2026-55693)\nOut-of-bounds Write in Spell File Prefix Dump in Vim \u003c 9.2.0662.\n(CVE-2026-55892)\nVimscript Code Injection in netrw NetrwLocalRmFile() via crafted\nfilename affects Vim \u003c 9.2.0663. (CVE-2026-55895)\nOut-of-bounds Read in Text Property Count in Vim \u003c 9.2.0670.\n(CVE-2026-57451)\nOut-of-bounds Read with libsodium-encrypted Files in Vim \u003c 9.2.0671.\n(CVE-2026-57452)\nPowerShell Command Injection in zip.vim via Crafted Archive Entry Names\nin Vim \u003e 9.1.1783 && Vim \u003c 9.2.0678. (CVE-2026-57453)\nOut-of-bounds Read with Text Properties in Vim \u003e= 9.2.0320 && Vim \u003c\n9.2.0679. (CVE-2026-57454)\nOut-of-bounds Write in SOFO Soundfolding in Vim \u003c 9.2.0698.\n(CVE-2026-57455)\nArbitrary Code Execution via Python Omni-Completion Docstrings in Vim \u003c\n9.2.0699. (CVE-2026-57456)\n","modified":"2026-07-10T15:45:04.007440114Z","published":"2026-07-10T15:41:14Z","upstream":["CVE-2026-52858","CVE-2026-52859","CVE-2026-52860","CVE-2026-55693","CVE-2026-55892","CVE-2026-55895","CVE-2026-57451","CVE-2026-57452","CVE-2026-57453","CVE-2026-57454","CVE-2026-57455","CVE-2026-57456"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2026-0240.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=35580"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/05/22/13"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-3h95-3962-mmvf"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/05/29/5"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-52mc-rq6p-rc7c"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/05/30/4"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-47gw-8gc3-mgcm"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/04/14"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-65p9-mwwx-7468"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/15/8"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-wgh4-64f7-q3jq"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/16/12"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-qm9w-fmpj-879h"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/16/13"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-vhh8-v6wx-hjjh"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/17/10"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-f36c-2qcp-7gpw"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/18/7"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-c4j9-wr9j-4486"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/20/2"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-x5fg-h5w9-9frf"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/20/3"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-ww8h-47xp-hp4w"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/21/1"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-q8mh-6qm3-25g4"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/21/2"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-ppj8-wqjf-6fp3"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/24/9"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-m3hf-xcm3-xhm2"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/27/6"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-mf92-v4xw-j45x"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/06/28/1"},{"type":"ADVISORY","url":"https://github.com/vim/vim/security/advisories/GHSA-fh26-8f79-wj97"}],"affected":[{"package":{"name":"vim","ecosystem":"Mageia:10","purl":"pkg:rpm/mageia/vim?arch=source&distro=mageia-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.2.782-1.mga10"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2026-0240.json"}},{"package":{"name":"vim","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/vim?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.2.782-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2026-0240.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}