Oracle Linux 9 Vim Moderate Command Injection Vuln ELSA-2026-28209
oracle
June 26, 2026
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Summary
[8.2.2637-26.0.1.el9_8.6] - Remove upstream references [Orabug: 31197557] [2:8.2.2637-26.6] - CVE-2026-41411 vim: Command injection via backticks in tag files [2:8.2.2637-26.5] - RHEL-170136 CVE-2026-35177 vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass [2:8.2.2637-26.4] - Resolves: RHEL-164966 vim: arbitrary command execution via modeline sandbox bypass [2:8.2.2637-26.3] - Related: RHEL-159630 rebuild to build with exception target [2:8.2.2637-26.2] - remove -O0 from flags [2:8.2.2637-26.1] - RHEL-159630 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob() function
Topics Covered
SRPMs
http://oss.oracle.com/ol9/SRPMS-updates/vim-8.2.2637-26.0.1.el9_8.6.src.rpm
x86_64
vim-X11-8.2.2637-26.0.1.el9_8.6.x86_64.rpm vim-common-8.2.2637-26.0.1.el9_8.6.x86_64.rpm vim-enhanced-8.2.2637-26.0.1.el9_8.6.x86_64.rpm vim-filesystem-8.2.2637-26.0.1.el9_8.6.noarch.rpm vim-minimal-8.2.2637-26.0.1.el9_8.6.x86_64.rpm
aarch64
vim-X11-8.2.2637-26.0.1.el9_8.6.aarch64.rpm vim-common-8.2.2637-26.0.1.el9_8.6.aarch64.rpm vim-enhanced-8.2.2637-26.0.1.el9_8.6.aarch64.rpm vim-filesystem-8.2.2637-26.0.1.el9_8.6.noarch.rpm vim-minimal-8.2.2637-26.0.1.el9_8.6.aarch64.rpm
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Related CVEs:
CVE-2026-41411
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!