Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 277 articles for you...
100

SUSE python-click Moderate Command Injection Vulnerability 2026-22321-1

An update that solves one vulnerability can now be installed.. # Security update for python-click Announcement ID: SUSE-SU-2026:22321-1 Release Date: 2026-06-22T14:30:37Z Rating: moderate References: * bsc#1263898 Cross-References: * CVE-2026-7246 CVSS scores: * CVE-2026-7246 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-7246 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2026-7246 ( NVD ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H * CVE-2026-7246 ( NVD ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-click fixes the following issue * CVE-2026-7246: Arbitrary command execution via command injection in click.edit() (bsc#1263898). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-1029=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-1029=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-click-8.2.1-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * python313-click-8.2.1-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-7246.html * https://bugzilla.suse.com/show_bug.cgi?id=1263898 . This update addresses a moderate severity security issue in python-click on SUSE with potential command execution risks.. SUSE python-click update, moderate security patch, command execution issue. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 moderate SuSE
89

Fedora 43 Python 3.13 Critical Security Updates 2026-2deb979d80

New Python release including bugfixes and security fixes.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-2deb979d80 2026-06-21 01:09:26.438193+00:00 -------------------------------------------------------------------------------- Name : python3.13 Product : Fedora 43 Version : 3.13.14 Release : 1.fc43 URL : https://www.python.org/ Summary : Version 3.13 of the Python interpreter Description : Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3.13-libs package, which should be installed automatically along with python3.13. The remaining parts of the Python standard library are broken out into the python3.13-tkinter and python3.13-test packages, which may need to be installed separately. Documentation for Python is provided in the python3.13-docs package. Packages containing additional libraries for Python are generally named with the "python3.13-" prefix. -------------------------------------------------------------------------------- Update Information: New Python release including bugfixes and security fixes. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 11 2026 Karolina Surma - 3.13.14-1 - Update to Python 3.13.14 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2457943 - CVE-2026-1502 python3.13: Python: HTTP header injection via CR/LF in proxy tunnel headers [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2457943 [ 2 ] Bug #2458015 - CVE-2026-6100python3.13: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458015 [ 3 ] Bug #2458223 - CVE-2026-4786 python3.13: Python: Arbitrary code execution via command injection in webbrowser.open() API [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458223 [ 4 ] Bug #2484194 - CVE-2026-7210 python3.13: Python/Expat: Denial of Service via crafted XML document [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2484194 [ 5 ] Bug #2484559 - CVE-2026-3276 python3.13: Python unicodedata: Denial of Service due to excessive CPU consumption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2484559 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-2deb979d80' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Enhance your Fedora 43 with the latest Python 3.13.14 update, addressing critical security issuesand bugfixes.. Python updates, Fedora security, package updates, Python releases. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 20, 2026 Critical Fedora
87

Debian libconfig-inifiles-perl Important Shell Command Execution 2026-11527

A flaw was discovered in libconfig-inifiles-perl, a Perl module to read .ini-style configuration files, which may result in the execution of arbitrary shell commands or file overwrite when processing specially crafted file names. For the stable distribution (trixie), this problem has been fixed in. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6354-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso June 19, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libconfig-inifiles-perl CVE ID : CVE-2026-11527 A flaw was discovered in libconfig-inifiles-perl, a Perl module to read .ini-style configuration files, which may result in the execution of arbitrary shell commands or file overwrite when processing specially crafted file names. For the stable distribution (trixie), this problem has been fixed in version 3.000003-3+deb13u1. We recommend that you upgrade your libconfig-inifiles-perl packages. For the detailed security status of libconfig-inifiles-perl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libconfig-inifiles-perl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . A flaw in libconfig-inifiles-perl allows arbitrary command execution via crafted filenames, debian advisory DSA-6354-1.. libconfig-inifiles-perl, Debian security, shell command execution. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 19, 2026 Important Debian
89

Fedora 43 vorbis-tools Important Buffer Underflow CVE-2026-34253

CVE-2026-34253 - fix arbitrary code execution via buffer underflow. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-cbf4cd18d1 2026-06-19 01:08:57.989075+00:00 -------------------------------------------------------------------------------- Name : vorbis-tools Product : Fedora 43 Version : 1.4.3 Release : 4.fc43 URL : https://www.xiph.org/ Summary : The Vorbis General Audio Compression Codec tools Description : Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. The vorbis package contains an encoder, a decoder, a playback tool, and a comment editor. -------------------------------------------------------------------------------- Update Information: CVE-2026-34253 - fix arbitrary code execution via buffer underflow -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 9 2026 Lukáš Zaoral - 1:1.4.3-4 - CVE-2026-34253 - fix arbitrary code execution via buffer underflow (rhbz#2479549) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2479549 - CVE-2026-34253 vorbis-tools: vorbis-tools ogg123: Arbitrary code execution via buffer underflow in remote control functionality [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2479549 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-cbf4cd18d1' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Critical update for Fedora 43's vorbis-tools addressing CVE-2026-34253 involving buffer underflow and execution risk.. arbitrary execution, code execution, buffer underflow, vorbis-tools, Fedora update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 18, 2026 Important Fedora
197

Debian 12 LibreOffice Critical Denial of Service Vulnerabilities DLA-4633-1

Multiple security vulnerabilities were discovered in LibreOffice, which could result in denial of service or potentially the execution of arbitrary code if malformed files are opened. For Debian 12 bookworm, these problems have been fixed in version 4:7.4.7-1+deb12u13.. Debian LTS Advisory DLA-4633-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Rene Engelhard June 17, 2026 https://wiki.debian.org/LTS Package : libreoffice Version : 4:7.4.7-1+deb12u13 CVE ID : CVE-2026-6039 CVE-2026-6045 CVE-2026-8356 CVE-2026-8357 CVE-2026-8358 Multiple security vulnerabilities were discovered in LibreOffice, which could result in denial of service or potentially the execution of arbitrary code if malformed files are opened. For Debian 12 bookworm, these problems have been fixed in version 4:7.4.7-1+deb12u13. We recommend that you upgrade your libreoffice packages. For the detailed security status of libreoffice please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libreoffice Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS DLA-4633-1 addresses multiple security issues in LibreOffice that may allow Denial of Service and arbitrary code execution.. DeBLTS security advisory, LibreOffice update, Debian vulnerabilities, Denial of Service, Arbitrary Code Execution. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 17, 2026 Critical Debian LTS
172

Ubuntu 26.04 Tomcat Critical DoS and Authentication Bypass Vuln 8417-1

Several security issues were fixed in Tomcat.. ========================================================================== Ubuntu Security Notice USN-8417-1 June 10, 2026 tomcat9, tomcat10 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in Tomcat. Software Description: - tomcat10: Servlet and JSP engine - tomcat9: Servlet and JSP engine Details: It was discovered that Tomcat did not properly limit the size of WebDAV LOCK and PROPFIND request bodies. A remote attacker could use this issue to cause Tomcat to consume excessive memory, resulting in a denial of service. (CVE-2026-41284) It was discovered that Tomcat incorrectly validated HTTP/2 header fields. A remote attacker could use this issue to cause Tomcat to crash or possibly execute arbitrary code. (CVE-2026-41293) It was discovered that Tomcat did not properly clear HTTP authentication headers during WebSocket connection upgrades and redirects. A remote attacker could use this issue to obtain sensitive credentials. (CVE-2026-42498) It was discovered that Tomcat incorrectly handled digest authentication. A remote attacker could possibly use this issue to bypass authentication restrictions. (CVE-2026-43512) It was discovered that Tomcat incorrectly handled case sensitivity in LockOutRealm. A remote attacker could possibly use this issue to bypass account lockout protections and obtain sensitive information. (CVE-2026-43513) It was discovered that Tomcat incorrectly handled authorization when multiple method constraints defined the same HTTP method. A remote attacker could possibly use this issue to bypass authorization restrictions. (CVE-2026-43515) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libtomcat10-embed-java 10.1.40-1ubuntu1.26.04.1 libtomcat10-java 10.1.40-1ubuntu1.26.04.1 libtomcat9-java 9.0.115-1ubuntu0.1 tomcat10 10.1.40-1ubuntu1.26.04.1 Ubuntu 25.10 libtomcat10-embed-java 10.1.40-1ubuntu1.25.10.1 libtomcat10-java 10.1.40-1ubuntu1.25.10.1 libtomcat9-java 9.0.95-1ubuntu1.1 tomcat10 10.1.40-1ubuntu1.25.10.1 Ubuntu 24.04 LTS libtomcat10-embed-java 10.1.16-1ubuntu0.1~esm4 Available with Ubuntu Pro libtomcat10-java 10.1.16-1ubuntu0.1~esm4 Available with Ubuntu Pro libtomcat9-java 9.0.70-2ubuntu0.1+esm3 Available with Ubuntu Pro tomcat10 10.1.16-1ubuntu0.1~esm4 Available with Ubuntu Pro Ubuntu 22.04 LTS libtomcat9-embed-java 9.0.58-1ubuntu0.2+esm4 Available with Ubuntu Pro libtomcat9-java 9.0.58-1ubuntu0.2+esm4 Available with Ubuntu Pro tomcat9 9.0.58-1ubuntu0.2+esm4 Available with Ubuntu Pro Ubuntu 20.04 LTS libtomcat9-embed-java 9.0.31-1ubuntu0.9+esm3 Available with Ubuntu Pro libtomcat9-java 9.0.31-1ubuntu0.9+esm3 Available with Ubuntu Pro tomcat9 9.0.31-1ubuntu0.9+esm3 Available with Ubuntu Pro Ubuntu 18.04 LTS libtomcat9-embed-java 9.0.16-3ubuntu0.18.04.2+esm8 Available with Ubuntu Pro libtomcat9-java 9.0.16-3ubuntu0.18.04.2+esm8 Available with Ubuntu Pro tomcat9 9.0.16-3ubuntu0.18.04.2+esm8 Available with Ubuntu Pro After a standard system update you need to restart Tomcat to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8417-1 CVE-2026-41284, CVE-2026-41293, CVE-2026-42498, CVE-2026-43512, CVE-2026-43513, CVE-2026-43515 Package Information: https://launchpad.net/ubuntu/+source/tomcat10/10.1.40-1ubuntu1.26.04.1 https://launchpad.net/ubuntu/+source/tomcat9/9.0.115-1ubuntu0.1 https://launchpad.net/ubuntu/+source/tomcat10/10.1.40-1ubuntu1.25.10.1 https://launchpad.net/ubuntu/+source/tomcat9/9.0.95-1ubuntu1.1 . Address multiple security concerns with Tomcat in Ubuntu 20.04 to 26.04 for safer usage. Update as advised.. Ubuntu Tomcat security issues. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 10, 2026 Critical Ubuntu
89

Fedora 43 Cockpit Critical Arbitrary Code Execution Fix 2026-58cee40a55

Automatic update for cockpit-362-1.fc43. Changelog for cockpit * Wed May 20 2026 Packit - 362-1 - Bug fixes and translation updates - Fix arbitrary code execution via specially crafted logs page link. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-58cee40a55 2026-06-05 04:07:33.979887+00:00 -------------------------------------------------------------------------------- Name : cockpit Product : Fedora 43 Version : 362 Release : 1.fc43 URL : https://cockpit-project.org/ Summary : Web Console for Linux servers Description : The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. -------------------------------------------------------------------------------- Update Information: Automatic update for cockpit-362-1.fc43. Changelog for cockpit * Wed May 20 2026 Packit - 362-1 - Bug fixes and translation updates - Fix arbitrary code execution via specially crafted logs page link (CVE-2026-4802) -------------------------------------------------------------------------------- ChangeLog: * Wed May 20 2026 Packit - 362-1 - Bug fixes and translation updates - Fix arbitrary code execution via specially crafted logs page link (CVE-2026-4802) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2480095 - [Exploits (KEV)] CVE-2026-4802 cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2480095 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-58cee40a55' at the command line. For more information, refer to the dnfdocumentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Cockpit update for Fedora 43 addresses critical arbitrary command execution flaw, strengthens overall security.. Fedora Cockpit Update Arbitrary Execution. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 05, 2026 Important Fedora
172

Ubuntu 26.04 Vim Critical Exec Code Denial of Service USN-8304-1

Several security issues were fixed in Vim.. ========================================================================== Ubuntu Security Notice USN-8304-1 May 25, 2026 vim vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Vim. Software Description: - vim: Vi IMproved - enhanced vi editor Details: Joshua Rogers discovered that Vim incorrectly handled certain URL schemes in the netrw plugin. An attacker could possibly use this issue to execute arbitrary commands. (CVE-2026-42307) It was discovered that Vim incorrectly handled command-line completion for the :find command. An attacker could possibly use this issue to execute arbitrary commands. (CVE-2026-44656) Daniel Cervera discovered that Vim incorrectly handled loading spell files. An attacker could possibly use this issue to cause a denial of service, or to execute arbitrary code. (CVE-2026-45130) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS vim 2:9.1.2141-1ubuntu4.2 vim-common 2:9.1.2141-1ubuntu4.2 vim-gtk3 2:9.1.2141-1ubuntu4.2 vim-gui-common 2:9.1.2141-1ubuntu4.2 vim-motif 2:9.1.2141-1ubuntu4.2 vim-nox 2:9.1.2141-1ubuntu4.2 vim-runtime 2:9.1.2141-1ubuntu4.2 vim-tiny 2:9.1.2141-1ubuntu4.2 Ubuntu 25.10 vim 2:9.1.0967-1ubuntu6.5 vim-athena 2:9.1.0967-1ubuntu6.5 vim-common 2:9.1.0967-1ubuntu6.5 vim-gtk3 2:9.1.0967-1ubuntu6.5 vim-gui-common 2:9.1.0967-1ubuntu6.5 vim-motif 2:9.1.0967-1ubuntu6.5 vim-nox 2:9.1.0967-1ubuntu6.5 vim-runtime 2:9.1.0967-1ubuntu6.5 vim-tiny 2:9.1.0967-1ubuntu6.5 Ubuntu 24.04 LTS vim 2:9.1.0016-1ubuntu7.14 vim-athena 2:9.1.0016-1ubuntu7.14 vim-common 2:9.1.0016-1ubuntu7.14 vim-gtk3 2:9.1.0016-1ubuntu7.14 vim-gui-common 2:9.1.0016-1ubuntu7.14 vim-motif 2:9.1.0016-1ubuntu7.14 vim-nox 2:9.1.0016-1ubuntu7.14 vim-runtime 2:9.1.0016-1ubuntu7.14 vim-tiny 2:9.1.0016-1ubuntu7.14 Ubuntu 22.04 LTS vim 2:8.2.3995-1ubuntu2.30 vim-athena 2:8.2.3995-1ubuntu2.30 vim-common 2:8.2.3995-1ubuntu2.30 vim-gtk 2:8.2.3995-1ubuntu2.30 vim-gtk3 2:8.2.3995-1ubuntu2.30 vim-gui-common 2:8.2.3995-1ubuntu2.30 vim-nox 2:8.2.3995-1ubuntu2.30 vim-runtime 2:8.2.3995-1ubuntu2.30 vim-tiny 2:8.2.3995-1ubuntu2.30 Ubuntu 20.04 LTS vim 2:8.1.2269-1ubuntu5.32+esm5 Available with Ubuntu Pro vim-athena 2:8.1.2269-1ubuntu5.32+esm5 Available with Ubuntu Pro vim-common 2:8.1.2269-1ubuntu5.32+esm5 Available with Ubuntu Pro vim-gtk 2:8.1.2269-1ubuntu5.32+esm5 Available with Ubuntu Pro vim-gtk3 2:8.1.2269-1ubuntu5.32+esm5 Available with Ubuntu Pro vim-gui-common 2:8.1.2269-1ubuntu5.32+esm5 Available withUbuntu Pro vim-nox 2:8.1.2269-1ubuntu5.32+esm5 Available with Ubuntu Pro vim-runtime 2:8.1.2269-1ubuntu5.32+esm5 Available with Ubuntu Pro vim-tiny 2:8.1.2269-1ubuntu5.32+esm5 Available with Ubuntu Pro Ubuntu 18.04 LTS vim 2:8.0.1453-1ubuntu1.13+esm17 Available with Ubuntu Pro vim-athena 2:8.0.1453-1ubuntu1.13+esm17 Available with Ubuntu Pro vim-common 2:8.0.1453-1ubuntu1.13+esm17 Available with Ubuntu Pro vim-gnome 2:8.0.1453-1ubuntu1.13+esm17 Available with Ubuntu Pro vim-gtk 2:8.0.1453-1ubuntu1.13+esm17 Available with Ubuntu Pro vim-gtk3 2:8.0.1453-1ubuntu1.13+esm17 Available with Ubuntu Pro vim-gui-common 2:8.0.1453-1ubuntu1.13+esm17 Available with Ubuntu Pro vim-nox 2:8.0.1453-1ubuntu1.13+esm17 Available with Ubuntu Pro vim-runtime 2:8.0.1453-1ubuntu1.13+esm17 Available with Ubuntu Pro vim-tiny 2:8.0.1453-1ubuntu1.13+esm17 Available with Ubuntu Pro Ubuntu 16.04 LTS vim 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-athena 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-athena-py2 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-common 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-gnome 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-gnome-py2 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-gtk 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-gtk-py2 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-gtk3 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-gtk3-py2 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-gui-common 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-nox 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-nox-py2 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-runtime 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro vim-tiny 2:7.4.1689-3ubuntu1.5+esm32 Available with Ubuntu Pro Ubuntu 14.04 LTS vim 2:7.4.052-1ubuntu3.1+esm26 Available with Ubuntu Pro vim-athena 2:7.4.052-1ubuntu3.1+esm26 Available with Ubuntu Pro vim-common 2:7.4.052-1ubuntu3.1+esm26 Available with Ubuntu Pro vim-gnome 2:7.4.052-1ubuntu3.1+esm26 Available with Ubuntu Pro vim-gtk 2:7.4.052-1ubuntu3.1+esm26 Available withUbuntu Pro vim-gui-common 2:7.4.052-1ubuntu3.1+esm26 Available with Ubuntu Pro vim-lesstif 2:7.4.052-1ubuntu3.1+esm26 Available with Ubuntu Pro vim-nox 2:7.4.052-1ubuntu3.1+esm26 Available with Ubuntu Pro vim-runtime 2:7.4.052-1ubuntu3.1+esm26 Available with Ubuntu Pro vim-tiny 2:7.4.052-1ubuntu3.1+esm26 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8304-1 CVE-2026-42307, CVE-2026-44656, CVE-2026-45130 Package Information: https://launchpad.net/ubuntu/+source/vim/2:9.1.2141-1ubuntu4.2 https://launchpad.net/ubuntu/+source/vim/2:9.1.0967-1ubuntu6.5 https://launchpad.net/ubuntu/+source/vim/2:9.1.0016-1ubuntu7.14 https://launchpad.net/ubuntu/+source/vim/2:8.2.3995-1ubuntu2.30 . Several security issues fixed in Vim affect Ubuntu 26.04 and older versions. Key updates prevent potential command executions.. Ubuntu security updates, Vim security patches, command execution security, Denial of service fix, Ubuntu vulnerabilities. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 25, 2026 Critical Ubuntu
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200