ALSA-2026:8259

[ALSA-2026:8259] Important: vim security update

Type:

security

Severity:

important

Release date:

2026-04-15

Description:

Vim (Vi IMproved) is an updated and improved version of the vi editor.  

Security Fix(es):  

  * vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin (CVE-2026-28417)
  * vim: Vim: Denial of service and information disclosure via crafted swap file (CVE-2026-28421)
  * vim: Vim: Arbitrary code execution via command injection in glob() function (CVE-2026-33412)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	vim-common-8.2.2637-23.el9_7.2.aarch64.rpm	6fa685dd3591b89ae9269f222b582bbea3906a9a3b0d847a5eb2e9065d943a09
aarch64	vim-X11-8.2.2637-23.el9_7.2.aarch64.rpm	c38bbfe23b9643585d372876bba943cc9bc9e97a3265bd1d386a60faa18873df
aarch64	vim-enhanced-8.2.2637-23.el9_7.2.aarch64.rpm	d1b9476109907ebf7cbf34501d9b05096d0958aa8e86b601cb289e67968be302
aarch64	vim-minimal-8.2.2637-23.el9_7.2.aarch64.rpm	f0c0534dc2dd0b6b05b486c017c1052ee04ca581a5c2066e8b912af9b6782333
noarch	vim-filesystem-8.2.2637-23.el9_7.2.noarch.rpm	94fe2cb8f2f54709fc1042edb356a556e14c1d5d65d2ddd8d1c19e1e5ff29b64
ppc64le	vim-common-8.2.2637-23.el9_7.2.ppc64le.rpm	6eddbb7a96c74a8fe0347f235a82e7b9ec3b7c555f1a281fdb115ee138c44c7e
ppc64le	vim-enhanced-8.2.2637-23.el9_7.2.ppc64le.rpm	bdae06590657c2273d8f8df4ac5d3e45bbfcd793d32eadb9aa58e20767c6c625
ppc64le	vim-minimal-8.2.2637-23.el9_7.2.ppc64le.rpm	d538307b0c19655b2eed805ea706663f7875d18e7dc37d6fc5534797411651d8
ppc64le	vim-X11-8.2.2637-23.el9_7.2.ppc64le.rpm	f6bcd2949299faca13ea68c7acb208048b2d5033a47074a03f84953c24f935c9
s390x	vim-common-8.2.2637-23.el9_7.2.s390x.rpm	6f0063b887b5a228594c2cf5a123510b031dfe786c36c5a1b32da7cd3f1c3e7c
s390x	vim-enhanced-8.2.2637-23.el9_7.2.s390x.rpm	723274c91fe996b5631ac9e76ba5cd31be3dddbc32d01dd874c34e28f169f7fa
s390x	vim-X11-8.2.2637-23.el9_7.2.s390x.rpm	95f747a2051274bf0fbedf6912fd4c929a3352602b5d2985a00f8e2d84526994
s390x	vim-minimal-8.2.2637-23.el9_7.2.s390x.rpm	f70a4140577c7be7930a6f7094eb9f76b06f87e50dfc3cf0d39cfaaa804ee9e6
x86_64	vim-minimal-8.2.2637-23.el9_7.2.x86_64.rpm	3b0272851ab3fd77becb4a8daf66652bfaf722d867a5e920d915c80e4d3b2966
x86_64	vim-X11-8.2.2637-23.el9_7.2.x86_64.rpm	7e75e702f3fdcfa3e33766cd35cda530c27603ca825dc24439abb5c3ef8d8a1b
x86_64	vim-enhanced-8.2.2637-23.el9_7.2.x86_64.rpm	d58734512cdec6be51b515e5d4afa1e1fd9a20b9f5b80208f9bdc9cda739f8cc
x86_64	vim-common-8.2.2637-23.el9_7.2.x86_64.rpm	e8e9c799af3642acbe7c0f05e54a12240ad29b84c63ac1e6822662275d631b5e

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.