Several security issues were fixed in Vim.
Software Description:
- vim: Vi IMproved - enhanced vi editor
Details:
It was discovered that Vim incorrectly handled file extraction when opening
maliciously crafted zip or tar archives. An attacker could possibly use
this issue to create or overwrite files on the system and execute arbitrary
code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 vim 2:9.1.0967-1ubuntu4.1 Ubuntu 24.04 LTS vim 2:9.1.0016-1ubuntu7.9 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-7748-1
CVE-2025-53905, CVE-2025-53906
Get the latest Linux and open source security news straight to your inbox.