[Git][security-tracker-team/security-tracker][master] Add some more vim issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 25 20:36:46 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
af2b63ad by Salvatore Bonaccorso at 2026-06-25T21:36:23+02:00
Add some more vim issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -67,9 +67,13 @@ CVE-2026-57453 (Vim is an open source, command line text editor. From 9.1.1784 u
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-x5fg-h5w9-9frf
 	NOTE: Fixed by: https://github.com/vim/vim/commit/b2cc9be119d51212bf0d3f2a994c7e517c73f4a9 (v9.2.0678)
 CVE-2026-57452 (Vim is an open source, command line text editor. Prior to 9.2.0671, wh ...)
-	TODO: check
+	- vim <unfixed>
+	NOTE: https://github.com/vim/vim/security/advisories/GHSA-c4j9-wr9j-4486
+	NOTE: Fixed by: https://github.com/vim/vim/commit/c8777cec25dcfae89c42e9aff51af61f71c5745f (v9.2.0671)
 CVE-2026-57451 (Vim is an open source, command line text editor. Prior to 9.2.0670, ge ...)
-	TODO: check
+	- vim <unfixed>
+	NOTE: https://github.com/vim/vim/security/advisories/GHSA-f36c-2qcp-7gpw
+	NOTE: Fixed by: https://github.com/vim/vim/commit/b2338ca90643e2f01ecb6547c1172716aaec4f79 (v9.2.0670)
 CVE-2026-57438 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
 	TODO: check
 CVE-2026-57437 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
@@ -155,9 +159,13 @@ CVE-2026-55967 (AES-GCM encryption/decryption with extremely large cumulative si
 CVE-2026-55961 (wolfSSL_PKCS7_verify() returning success for a degenerate (certs-only) ...)
 	TODO: check
 CVE-2026-55895 (Vim is an open source, command line text editor. Prior to 9.2.0663, a  ...)
-	TODO: check
+	- vim <unfixed>
+	NOTE: https://github.com/vim/vim/security/advisories/GHSA-vhh8-v6wx-hjjh
+	NOTE: Fixed by: https://github.com/vim/vim/commit/55bc757a5d436e59d50fe43f7cda94b118f86cb2 (v9.2.0663)
 CVE-2026-55892 (Vim is an open source, command line text editor. Prior to 9.2.0662, th ...)
-	TODO: check
+	 - vim <unfixed>
+	NOTE: https://github.com/vim/vim/security/advisories/GHSA-qm9w-fmpj-879h
+	NOTE: Fixed by: https://github.com/vim/vim/commit/8325b193bba5f01e7a7d8241fc8633d93dff996b (v9.2.0662)
 CVE-2026-55700 (pnpm is a package manager. From 11.3.0 until 11.5.3, `pnpm stage downl ...)
 	TODO: check
 CVE-2026-55699 (pnpm is a package manager. Prior to 10.34.2 and 11.5.3, Manifest bin o ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af2b63ad2d8b6477e1ed31ac73fc87df6fff3c31

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af2b63ad2d8b6477e1ed31ac73fc87df6fff3c31
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260625/17e43229/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list