exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

CVE-2026-28417

27 дней назад

Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the `scp://` protocol handler), an attacker can execute arbitrary shell commands with the privileges of the Vim process. Version 9.2.0073 fixes the issue.

CVSS3: 4.4

EPSS: Низкий

CVE-2026-28417

27 дней назад

Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the `scp://` protocol handler), an attacker can execute arbitrary shell commands with the privileges of the Vim process. Version 9.2.0073 fixes the issue.

CVSS3: 4.4

EPSS: Низкий

CVE-2026-28417

27 дней назад

Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the `scp://` protocol handler), an attacker can execute arbitrary shell commands with the privileges of the Vim process. Version 9.2.0073 fixes the issue.

CVSS3: 4.4

EPSS: Низкий

CVE-2026-28417

26 дней назад

Vim has OS Command Injection in netrw

CVSS3: 4.4

EPSS: Низкий

CVE-2026-28417

27 дней назад

Vim is an open source, command line text editor. Prior to version 9.2. ...

CVSS3: 4.4

EPSS: Низкий

BDU:2026-02589

28 дней назад

Уязвимость текстового редактора vim, связанная с непринятием мер по нейтрализации специальных элементов, позволяющая нарушителю выполнить произвольные команды

CVSS3: 7.8

EPSS: Низкий

SUSE-SU-2026:0910-1

9 дней назад

Security update for vim

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2026-28417 Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the `scp://` protocol handler), an attacker can execute arbitrary shell commands with the privileges of the Vim process. Version 9.2.0073 fixes the issue.	CVSS3: 4.4	0% Низкий	27 дней назад
CVE-2026-28417 Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the `scp://` protocol handler), an attacker can execute arbitrary shell commands with the privileges of the Vim process. Version 9.2.0073 fixes the issue.	CVSS3: 4.4	0% Низкий	27 дней назад
CVE-2026-28417 Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the `scp://` protocol handler), an attacker can execute arbitrary shell commands with the privileges of the Vim process. Version 9.2.0073 fixes the issue.	CVSS3: 4.4	0% Низкий	27 дней назад
CVE-2026-28417 Vim has OS Command Injection in netrw	CVSS3: 4.4	0% Низкий	26 дней назад
CVE-2026-28417 Vim is an open source, command line text editor. Prior to version 9.2. ...	CVSS3: 4.4	0% Низкий	27 дней назад
BDU:2026-02589 Уязвимость текстового редактора vim, связанная с непринятием мер по нейтрализации специальных элементов, позволяющая нарушителю выполнить произвольные команды	CVSS3: 7.8	0% Низкий	28 дней назад
SUSE-SU-2026:0910-1 Security update for vim			9 дней назад

Уязвимостей на страницу