Advisories » MGASA-2026-0055

Updated vim packages fix security vulnerability

Publication date: 14 Mar 2026
Modification date: 13 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-32249

Description

NFA regex engine NULL pointer dereference affects Vim < 9.2.0137.
(CVE-2026-32249)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=35197
• https://www.openwall.com/lists/oss-security/2026/03/11/6
• https://github.com/vim/vim/security/advisories/GHSA-9phh-423r-778r
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32249

SRPMS

9/core

• vim-9.2.140-1.mga9