Advisories » MGASA-2026-0062

Updated vim packages fix security vulnerabilities

Publication date: 24 Mar 2026
Modification date: 24 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-33412

Description

Command injection via newline in glob() affects Vim < 9.2.0202.
(CVE-2026-33412)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=35239
• https://www.openwall.com/lists/oss-security/2026/03/19/10
• https://github.com/vim/vim/security/advisories/GHSA-w5jw-f54h-x46c
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33412

SRPMS

9/core

• vim-9.2.209-1.mga9