SecurityHome.eu [USN-8451-1] Vim vulnerabilities

Home / mailings PDF

[USN-8451-1] Vim vulnerabilities
Posted on 18 June 2026
Ubuntu Security
==========================================================================Ubuntu Security Notice USN-8451-1
June 18, 2026

vim vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Vim.

Software Description:
- vim: Vi IMproved - enhanced vi editor

Details:

Srinivas Piskala Ganesh Babu discovered that Vim incorrectly handled
directory names when serializing browsed paths to the netrw history file.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2026-47162)

It was discovered that Vim incorrectly handled step-definition patterns in
the cucumber filetype plugin. An attacker could possibly use this issue to
execute arbitrary code. (CVE-2026-47167)

It was discovered that Vim incorrectly handled import statements during
Python omni-completion. An attacker could possibly use this issue to
execute arbitrary code. (CVE-2026-52858)

Andrej Tomči discovered that Vim incorrectly handled certain terminal
screen cells when taking a snapshot, leading to an out-of-bounds read. An
attacker could possibly use this issue to cause Vim to crash, resulting in
a denial of service. (CVE-2026-52859)

David Carliez discovered that Vim incorrectly handled reconstructed
function and class definitions during Python omni-completion. An attacker
could possibly use this issue to execute arbitrary code. (CVE-2026-52860)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
vim 2:9.1.2141-1ubuntu4.5
vim-common 2:9.1.2141-1ubuntu4.5
vim-gtk3 2:9.1.2141-1ubuntu4.5
vim-gui-common 2:9.1.2141-1ubuntu4.5
vim-motif 2:9.1.2141-1ubuntu4.5
vim-nox 2:9.1.2141-1ubuntu4.5
vim-runtime 2:9.1.2141-1ubuntu4.5
vim-tiny 2:9.1.2141-1ubuntu4.5
xxd 2:9.1.2141-1ubuntu4.5

Ubuntu 25.10
vim 2:9.1.0967-1ubuntu6.7
vim-athena 2:9.1.0967-1ubuntu6.7
vim-common 2:9.1.0967-1ubuntu6.7
vim-gtk3 2:9.1.0967-1ubuntu6.7
vim-gui-common 2:9.1.0967-1ubuntu6.7
vim-motif 2:9.1.0967-1ubuntu6.7
vim-nox 2:9.1.0967-1ubuntu6.7
vim-runtime 2:9.1.0967-1ubuntu6.7
vim-tiny 2:9.1.0967-1ubuntu6.7
xxd 2:9.1.0967-1ubuntu6.7

Ubuntu 24.04 LTS
vim 2:9.1.0016-1ubuntu7.16
vim-athena 2:9.1.0016-1ubuntu7.16
vim-common 2:9.1.0016-1ubuntu7.16
vim-gtk3 2:9.1.0016-1ubuntu7.16
vim-gui-common 2:9.1.0016-1ubuntu7.16
vim-motif 2:9.1.0016-1ubuntu7.16
vim-nox 2:9.1.0016-1ubuntu7.16
vim-runtime 2:9.1.0016-1ubuntu7.16
vim-tiny 2:9.1.0016-1ubuntu7.16
xxd 2:9.1.0016-1ubuntu7.16

Ubuntu 22.04 LTS
vim 2:8.2.3995-1ubuntu2.32
vim-athena 2:8.2.3995-1ubuntu2.32
vim-common 2:8.2.3995-1ubuntu2.32
vim-gtk 2:8.2.3995-1ubuntu2.32
vim-gtk3 2:8.2.3995-1ubuntu2.32
vim-gui-common 2:8.2.3995-1ubuntu2.32
vim-nox 2:8.2.3995-1ubuntu2.32
vim-runtime 2:8.2.3995-1ubuntu2.32
vim-tiny 2:8.2.3995-1ubuntu2.32
xxd 2:8.2.3995-1ubuntu2.32

Ubuntu 20.04 LTS
vim 2:8.1.2269-1ubuntu5.32+esm8
Available with Ubuntu Pro
vim-athena 2:8.1.2269-1ubuntu5.32+esm8
Available with Ubuntu Pro
vim-common 2:8.1.2269-1ubuntu5.32+esm8
Available with Ubuntu Pro
vim-gtk 2:8.1.2269-1ubuntu5.32+esm8
Available with Ubuntu Pro
vim-gtk3 2:8.1.2269-1ubuntu5.32+esm8
Available with Ubuntu Pro
vim-gui-common 2:8.1.2269-1ubuntu5.32+esm8
Available with Ubuntu Pro
vim-nox 2:8.1.2269-1ubuntu5.32+esm8
Available with Ubuntu Pro
vim-runtime 2:8.1.2269-1ubuntu5.32+esm8
Available with Ubuntu Pro
vim-tiny 2:8.1.2269-1ubuntu5.32+esm8
Available with Ubuntu Pro
xxd 2:8.1.2269-1ubuntu5.32+esm8
Available with Ubuntu Pro

Ubuntu 18.04 LTS
vim 2:8.0.1453-1ubuntu1.13+esm20
Available with Ubuntu Pro
vim-athena 2:8.0.1453-1ubuntu1.13+esm20
Available with Ubuntu Pro
vim-common 2:8.0.1453-1ubuntu1.13+esm20
Available with Ubuntu Pro
vim-gnome 2:8.0.1453-1ubuntu1.13+esm20
Available with Ubuntu Pro
vim-gtk 2:8.0.1453-1ubuntu1.13+esm20
Available with Ubuntu Pro
vim-gtk3 2:8.0.1453-1ubuntu1.13+esm20
Available with Ubuntu Pro
vim-gui-common 2:8.0.1453-1ubuntu1.13+esm20
Available with Ubuntu Pro
vim-nox 2:8.0.1453-1ubuntu1.13+esm20
Available with Ubuntu Pro
vim-runtime 2:8.0.1453-1ubuntu1.13+esm20
Available with Ubuntu Pro
vim-tiny 2:8.0.1453-1ubuntu1.13+esm20
Available with Ubuntu Pro
xxd 2:8.0.1453-1ubuntu1.13+esm20
Available with Ubuntu Pro

Ubuntu 16.04 LTS
vim 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-athena 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-athena-py2 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-common 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-gnome 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-gnome-py2 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-gtk 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-gtk-py2 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-gtk3 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-gtk3-py2 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-gui-common 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-nox 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-nox-py2 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-runtime 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro
vim-tiny 2:7.4.1689-3ubuntu1.5+esm35
Available with Ubuntu Pro

Ubuntu 14.04 LTS
vim 2:7.4.052-1ubuntu3.1+esm29
Available with Ubuntu Pro
vim-athena 2:7.4.052-1ubuntu3.1+esm29
Available with Ubuntu Pro
vim-common 2:7.4.052-1ubuntu3.1+esm29
Available with Ubuntu Pro
vim-gnome 2:7.4.052-1ubuntu3.1+esm29
Available with Ubuntu Pro
vim-gtk 2:7.4.052-1ubuntu3.1+esm29
Available with Ubuntu Pro
vim-gui-common 2:7.4.052-1ubuntu3.1+esm29
Available with Ubuntu Pro
vim-lesstif 2:7.4.052-1ubuntu3.1+esm29
Available with Ubuntu Pro
vim-nox 2:7.4.052-1ubuntu3.1+esm29
Available with Ubuntu Pro
vim-runtime 2:7.4.052-1ubuntu3.1+esm29
Available with Ubuntu Pro
vim-tiny 2:7.4.052-1ubuntu3.1+esm29
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8451-1
CVE-2026-47162, CVE-2026-47167, CVE-2026-52858, CVE-2026-52859,
CVE-2026-52860

Package Information:
https://launchpad.net/ubuntu/+source/vim/2:9.1.2141-1ubuntu4.5
https://launchpad.net/ubuntu/+source/vim/2:9.1.0967-1ubuntu6.7
https://launchpad.net/ubuntu/+source/vim/2:9.1.0016-1ubuntu7.16
https://launchpad.net/ubuntu/+source/vim/2:8.2.3995-1ubuntu2.32

--===============3991521902051463490==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature

TOP

Mailings :

Last 20

Exploits :

Last 20