Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 616
Alerts This Week
Warning Icon 1 616

SUSE Linux Micro 6.2 Vim Important Fix for Buffer Overflow 2026-20759-1

suse
Calendar Grey March 24, 2026
Dist Suse Esm H88
SUSE update for Vim addresses critical issues including buffer overflow and security risks with important fixes.
An update that solves three vulnerabilities can now be installed.

Summary

## This update for vim fixes the following issues: * Update Vim to version 9.2.0110 that includes security fixes for: * CVE-2026-28417: crafted URL parsed by netrw plugin can lead to execute arbitrary shell commands (bsc#1259051). * CVE-2026-26269: stack buffer overflow in Vim's NetBeans integration when processing the specialKeys command (bsc#1258229). * CVE-2025-53906: path traversal in Vim's zip.vim plugin (bsc#1246602). * Other changes: * Add wayland-client to BuildRequires and enable Wayland support. * Add Wayland include path to CFLAGS to fix clipboard compilation. * Package new Swedish (sv) man pages and clean up duplicate encodings (sv.ISO8859-1 and sv.UTF-8). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

References

* bsc#1246602

* bsc#1258229

* bsc#1259051

Cross-

* CVE-2025-53906

* CVE-2026-26269

* CVE-2026-28417

CVSS scores:

* CVE-2025-53906 ( SUSE ): 1.8

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L

* CVE-2025-53906 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L

* CVE-2025-53906 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L

* CVE-2026-26269 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

* CVE-2026-26269 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2026-26269 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

* CVE-2026-28417 ( SUSE ): 4.6

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2026-28417 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:20759-1
Release Date: 2026-03-20T03:12:35Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.