Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 493
Alerts This Week
Warning Icon 1 493

Oracle Linux 9 ELSA-2026-38511 vim Important Code Injection

oracle
Calendar Grey July 14, 2026
Oracle Linux Logo Esm H88
Important security advisory for Oracle Linux 9 addressing critical code injection issues in vim and providing vital updates.
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[8.2.2637-26.0.1.el9_8.10] - Remove upstream references [Orabug: 31197557] [2:8.2.2637-26.10] - RHEL-186659 CVE-2026-47162 vim: code injection via NetrwBookHistSave() [2:8.2.2637-26.9] - RHEL-186646 CVE-2026-52858 vim: possible code execution with python3complete [2:8.2.2637-26.8] - RHEL-185874 CVE-2026-47167 vim: Code Injection in cucumber filetype plugin [2:8.2.2637-26.7] - RHEL-178243 CVE-2026-46483 vim: command injection in tar plugin [2:8.2.2637-26.6] - CVE-2026-41411 vim: Command injection via backticks in tag files [2:8.2.2637-26.5] - RHEL-170136 CVE-2026-35177 vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass [2:8.2.2637-26.4] - Resolves: RHEL-164966 vim: arbitrary command execution via modeline sandbox bypass [2:8.2.2637-26.3] - Related: RHEL-159630 rebuild to build with exception target [2:8.2.2637-26.2] - remove -O0 from flags

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates/vim-8.2.2637-26.0.1.el9_8.10.src.rpm

x86_64

vim-X11-8.2.2637-26.0.1.el9_8.10.x86_64.rpm vim-common-8.2.2637-26.0.1.el9_8.10.x86_64.rpm vim-enhanced-8.2.2637-26.0.1.el9_8.10.x86_64.rpm vim-filesystem-8.2.2637-26.0.1.el9_8.10.noarch.rpm vim-minimal-8.2.2637-26.0.1.el9_8.10.x86_64.rpm

aarch64

vim-X11-8.2.2637-26.0.1.el9_8.10.aarch64.rpm vim-common-8.2.2637-26.0.1.el9_8.10.aarch64.rpm vim-enhanced-8.2.2637-26.0.1.el9_8.10.aarch64.rpm vim-filesystem-8.2.2637-26.0.1.el9_8.10.noarch.rpm vim-minimal-8.2.2637-26.0.1.el9_8.10.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2026-46483 CVE-2026-47162 CVE-2026-47167 CVE-2026-52858

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.