[CLSA-2026:1777567716] vim: Fix of CVE-2026-39881
Type:
security
Severity:
Important
Release date:
2026-04-30 16:48:42 UTC
Description:
- CVE-2026-39881: fix command injection in netbeans interface by validating defineAnnoType typeName/fg/bg and specialKeys tokens against an allowlist of safe characters before interpolating them into Ex commands
Updated packages:
  • vim-X11-7.4.629-5.2.el6.tuxcare.els50.x86_64.rpm
    sha:7dce76b52859dd59b507e182d58dca473293ce88b770cff5b5995256e8bc4867
  • vim-common-7.4.629-5.2.el6.tuxcare.els50.x86_64.rpm
    sha:fdde00ddef9c358a78d87c97dea1e0848a6699ab410a52eb22ef0c69d5b86742
  • vim-enhanced-7.4.629-5.2.el6.tuxcare.els50.x86_64.rpm
    sha:8d1dd11f2416631577babfa722703bc487b4f9836dcfbd544626dbffb1048e10
  • vim-filesystem-7.4.629-5.2.el6.tuxcare.els50.x86_64.rpm
    sha:754e7e7e9556552fded211c2d2a309889eb85c954b37684dd4ab7550f4b4eb18
  • vim-minimal-7.4.629-5.2.el6.tuxcare.els50.x86_64.rpm
    sha:f7885176359cfaa22c8d256c8495cff2a0f07504110fd8098d6b91bbed713db0
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.