ALSA-2026:7711

See a problem?
Please try reporting it to the source first.

Source

https://errata.almalinux.org/10/ALSA-2026-7711.html

Import Source

https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:7711.json

JSON Data

https://api.test.osv.dev/v1/vulns/ALSA-2026:7711

Related

Published

2026-04-13T00:00:00Z

Modified

2026-04-17T13:15:13.635247Z

Summary

Important: vim security update

Details

Vim (Vi IMproved) is an updated and improved version of the vi editor.

Security Fix(es):

vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin (CVE-2026-28417)
vim: Vim: Denial of service and information disclosure via crafted swap file (CVE-2026-28421)
vim: Vim: Arbitrary code execution via command injection in glob() function (CVE-2026-33412)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:10

vim-X11

Package

Name: vim-X11
Purl: pkg:rpm/almalinux/vim-X11

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:9.1.083-6.el10_1.3

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:7711.json"

vim-common

Package

Name: vim-common
Purl: pkg:rpm/almalinux/vim-common

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:9.1.083-6.el10_1.3

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:7711.json"

vim-data

Package

Name: vim-data
Purl: pkg:rpm/almalinux/vim-data

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:9.1.083-6.el10_1.3

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:7711.json"

vim-enhanced

Package

Name: vim-enhanced
Purl: pkg:rpm/almalinux/vim-enhanced

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:9.1.083-6.el10_1.3

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:7711.json"

vim-filesystem

Package

Name: vim-filesystem
Purl: pkg:rpm/almalinux/vim-filesystem

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:9.1.083-6.el10_1.3

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:7711.json"

vim-minimal

Package

Name: vim-minimal
Purl: pkg:rpm/almalinux/vim-minimal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:9.1.083-6.el10_1.3

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:7711.json"

xxd

Package

Name: xxd
Purl: pkg:rpm/almalinux/xxd

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:9.1.083-6.el10_1.3

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:7711.json"