ALSA-2026:6915

[ALSA-2026:6915] Important: vim security update

Type:

security

Severity:

important

Release date:

2026-04-09

Description:

Vim (Vi IMproved) is an updated and improved version of the vi editor.  

Security Fix(es):  

  * vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin (CVE-2026-28417)
  * vim: Vim: Denial of service and information disclosure via crafted swap file (CVE-2026-28421)
  * vim: Vim: Arbitrary code execution via command injection in glob() function (CVE-2026-33412)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	vim-enhanced-8.0.1763-22.el8_10.1.aarch64.rpm	046214274c5fdfad647cf39b01a518b7c1eec7fb7652c4e242284578fd9b4aa6
aarch64	vim-X11-8.0.1763-22.el8_10.1.aarch64.rpm	195b90d3212e74b5240c92310d65a01b3f18591c0d423656d61054ee0b9074ec
aarch64	vim-minimal-8.0.1763-22.el8_10.1.aarch64.rpm	b46a11f0402db90e5ddf33f7315b2a2e6a4f07130e2399603bec50bd3e6e1fb7
aarch64	vim-common-8.0.1763-22.el8_10.1.aarch64.rpm	cc6ff85bad1aafbedbb12408bd8d6969f4c2159a04e4e2117678dc053b8bda33
noarch	vim-filesystem-8.0.1763-22.el8_10.1.noarch.rpm	5d41f078b6c9fd5ac7c36f605093122fe3af69830d8e82ee4fb414291cc0fd29
ppc64le	vim-common-8.0.1763-22.el8_10.1.ppc64le.rpm	2fb929e18a809152b1500240c5739d3d498a8a61ada6d1145bc367b6001c5531
ppc64le	vim-minimal-8.0.1763-22.el8_10.1.ppc64le.rpm	b0d29b71eaea805ada97f6b8121e0d57b1634118120d50993872429793443bc7
ppc64le	vim-X11-8.0.1763-22.el8_10.1.ppc64le.rpm	ec9dd8c1d33f08e5328ccda316859e5711761724dc97351e2bb76b84aec895d2
ppc64le	vim-enhanced-8.0.1763-22.el8_10.1.ppc64le.rpm	f837f1f27d8ac86db4645e8a63f1eff9c2686c95f98d084178f5a88f7b66fde0
s390x	vim-common-8.0.1763-22.el8_10.1.s390x.rpm	c7f039dcd3a20f64378c8aa8499299ff027b0fdf203c59bacfc0cafa1db2eec5
s390x	vim-minimal-8.0.1763-22.el8_10.1.s390x.rpm	ceb2d83b20346c5560e7ebb45d69f45fa39003a050595eb9e4150c90597e59df
s390x	vim-enhanced-8.0.1763-22.el8_10.1.s390x.rpm	ee246be14bbc01d426650c7e5889e8dbebcf39c9e9ca3c48f5105431cad16dc4
s390x	vim-X11-8.0.1763-22.el8_10.1.s390x.rpm	f9703cdedf435b8ab3685d7900ba1331fef5f72d1afcfcb1b67c21211e6d33f1
x86_64	vim-common-8.0.1763-22.el8_10.1.x86_64.rpm	2ea4d4ed11f2c3ccf5f8332adf2307caaf008ef503e73394328f1f64fa1900e1
x86_64	vim-minimal-8.0.1763-22.el8_10.1.x86_64.rpm	46bc931ea8ea384e4fd38d6aa0f4a5ec8319b1d740459184974fba046d4cdaa4
x86_64	vim-X11-8.0.1763-22.el8_10.1.x86_64.rpm	559600b2f97849e7ed171d787c1312ac1ef8d7b2f183598bc87133f0b63c6ae0
x86_64	vim-enhanced-8.0.1763-22.el8_10.1.x86_64.rpm	57bf7c448f1612db5a4ab367cb276005672066cfac2a5e443a6539ed5d003a0b

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.