[CLSA-2026:1781010825] vim: Fix of CVE-2026-41411
Type:
security
Severity:
Important
Release date:
2026-06-13 10:28:47 UTC
Description:
- CVE-2026-41411: fix OS command injection in tag file processing by disallowing backticks in the filename field before wildcard expansion (upstream 9.2.0357)
CVEs fixed:
Updated packages:
  • vim-X11-7.4.629-8.0.1.el7_9.tuxcare.els19.x86_64.rpm
    sha:a6f05a4ec9b7718a178a877fa76518bd9fdab89e4e7143de6c909b623077958c
  • vim-common-7.4.629-8.0.1.el7_9.tuxcare.els19.x86_64.rpm
    sha:92ed1e8077f0ae129df639d19245c5340373090a125569853f465d3518375d11
  • vim-enhanced-7.4.629-8.0.1.el7_9.tuxcare.els19.x86_64.rpm
    sha:3475cf719d69e39ef960f43fcd082d873610d7dbb5dd3f715a26c88641127626
  • vim-filesystem-7.4.629-8.0.1.el7_9.tuxcare.els19.x86_64.rpm
    sha:a909a92e0092412fe2e614d0ebeff6de4ba96ee98047a14ffcb304ac33a811a7
  • vim-minimal-7.4.629-8.0.1.el7_9.tuxcare.els19.x86_64.rpm
    sha:d414a5896af865a329d3b20ec6f24b17c220731750803d25557ea574071ea30e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.