{
  "schema_version": "1.7.0",
  "id": "MGASA-2026-0240",
  "published": "2026-07-10T15:41:14Z",
  "modified": "2026-07-10T14:39:40Z",
  "summary": "Updated vim packages fix security vulnerabilities",
  "details": "The updated packages fix security vulnerabilities:\nArbitrary Code Execution via Python Omni-Completion in Vim < 9.2.0561.\n(CVE-2026-52858)\nOut-of-bounds Read in Terminal Screen Snapshot in Vim < 9.2.0565.\n(CVE-2026-52859)\nArbitrary Code Execution via Python Omni-Completion in Vim < 9.2.0597.\n(CVE-2026-52860)\nOut-of-bounds Write in Spell File Word Count in Vim < 9.2.0653.\n(CVE-2026-55693)\nOut-of-bounds Write in Spell File Prefix Dump in Vim < 9.2.0662.\n(CVE-2026-55892)\nVimscript Code Injection in netrw NetrwLocalRmFile() via crafted\nfilename affects Vim < 9.2.0663. (CVE-2026-55895)\nOut-of-bounds Read in Text Property Count in Vim < 9.2.0670.\n(CVE-2026-57451)\nOut-of-bounds Read with libsodium-encrypted Files in Vim < 9.2.0671.\n(CVE-2026-57452)\nPowerShell Command Injection in zip.vim via Crafted Archive Entry Names\nin Vim > 9.1.1783 && Vim < 9.2.0678. (CVE-2026-57453)\nOut-of-bounds Read with Text Properties in Vim >= 9.2.0320 && Vim <\n9.2.0679. (CVE-2026-57454)\nOut-of-bounds Write in SOFO Soundfolding in Vim < 9.2.0698.\n(CVE-2026-57455)\nArbitrary Code Execution via Python Omni-Completion Docstrings in Vim <\n9.2.0699. (CVE-2026-57456)\n",
  "upstream": [
    "CVE-2026-52858",
    "CVE-2026-52859",
    "CVE-2026-52860",
    "CVE-2026-55693",
    "CVE-2026-55892",
    "CVE-2026-55895",
    "CVE-2026-57451",
    "CVE-2026-57452",
    "CVE-2026-57453",
    "CVE-2026-57454",
    "CVE-2026-57455",
    "CVE-2026-57456"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2026-0240.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=35580"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/05/22/13"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-3h95-3962-mmvf"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/05/29/5"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-52mc-rq6p-rc7c"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/05/30/4"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-47gw-8gc3-mgcm"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/04/14"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-65p9-mwwx-7468"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/15/8"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-wgh4-64f7-q3jq"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/16/12"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-qm9w-fmpj-879h"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/16/13"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-vhh8-v6wx-hjjh"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/17/10"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-f36c-2qcp-7gpw"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/18/7"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-c4j9-wr9j-4486"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/20/2"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-x5fg-h5w9-9frf"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/20/3"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-ww8h-47xp-hp4w"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/21/1"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-q8mh-6qm3-25g4"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/21/2"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-ppj8-wqjf-6fp3"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/24/9"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-m3hf-xcm3-xhm2"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/27/6"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-mf92-v4xw-j45x"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/06/28/1"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vim/vim/security/advisories/GHSA-fh26-8f79-wj97"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:10",
        "name": "vim",
        "purl": "pkg:rpm/mageia/vim?arch=source&distro=mageia-10"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "9.2.782-1.mga10"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:9",
        "name": "vim",
        "purl": "pkg:rpm/mageia/vim?arch=source&distro=mageia-9"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "9.2.782-1.mga9"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}
