CLSA-2026-1774432816
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1774432816.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2026-1774432816
- Upstream
- Published
- 2026-03-27T12:33:20Z
- Modified
- 2026-06-01T00:33:16.775616597Z
- Summary
- vim: Fix of 2 CVEs
- Details
-
- CVE-2026-28417: fix OS command injection in netrw plugin when handling specially crafted URLs such as scp://
- CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a maliciously crafted Vim swap file
- References
Affected packages
TuxCare:CentOS:6 / vim-X11
Package
- Name
- vim-X11
- Purl
- pkg:rpm/tuxcare/vim-X11?distro=centos-6
TuxCare:CentOS:6 / vim-common
Package
- Name
- vim-common
- Purl
- pkg:rpm/tuxcare/vim-common?distro=centos-6
TuxCare:CentOS:6 / vim-enhanced
Package
- Name
- vim-enhanced
- Purl
- pkg:rpm/tuxcare/vim-enhanced?distro=centos-6
TuxCare:CentOS:6 / vim-filesystem
Package
- Name
- vim-filesystem
- Purl
- pkg:rpm/tuxcare/vim-filesystem?distro=centos-6