vim (SUSE:Linux Enterprise Server 16.0) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 16.0 package vim, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2026-34714 — CVSS 9.2 (critical): Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because…
CVE-2026-34982 — CVSS 8.2 (high): Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command…
CVE-2026-33412 — CVSS 5.6 (medium): Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob()…
CVE-2026-26269 — CVSS 5.4 (medium): Vim is an open source, command line text editor. Prior to 9.1.2148, a stack buffer overflow vulnerability exists in Vim's NetBeans…
CVE-2026-28417 — CVSS 4.4 (medium): Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw`…
CVE-2025-53906 — CVSS 4.1 (medium): Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow…