CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.4	CVE-2026-57456	Vim: Arbitrary Code Execution via Python Omni-Completion Docstrings_CVE-2026-57456 Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion (runtime/autoload/python3complete.vim and the lega...	vim	vim < 9.2.0699	Jun 25, 2026	CVE
MEDIUM 4	CVE-2026-57455	Vim: Stack out-of-bounds write in `spell_soundfold_sofo()` via an over-length `soundfold()` argument_CVE-2026-57455 Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spell_soundfold_sofo() in src/spell.c translates a wo...	vim	vim < 9.2.0698	Jun 25, 2026	CVE
MEDIUM 6.8	CVE-2026-57454	Vim: Out-of-bounds Read with Text Properties_CVE-2026-57454 Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose ...	vim	vim >= 9.2.0320, < 9.2.0679	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-57453	Vim: PowerShell Command Injection via Unescaped Filename in zip.vim Extraction_CVE-2026-57453 Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShel...	vim	vim >= 9.1.1784, < 9.2.0678	Jun 25, 2026	CVE
MEDIUM 5.5	CVE-2026-57452	Vim: Out-of-bounds Read with libsodium-encrypted Files_CVE-2026-57452 Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (x...	vim	vim < 9.2.0671	Jun 25, 2026	CVE
MEDIUM 5.3	CVE-2026-57451	Vim: Out-of-bounds Read in Text Property Count_CVE-2026-57451 Vim is an open source, command line text editor. Prior to 9.2.0670, get_text_props() in src/textprop.c reads a uint16 property count stored inline ...	vim	vim < 9.2.0670	Jun 25, 2026	CVE
LOW 2.2	CVE-2026-57438	Nokogiri: Possible Use-After-Free in XInclude Processing_CVE-2026-57438 Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XM...	sparklemotion	nokogiri < 1.19.4	Jun 25, 2026	CVE
MEDIUM 5.7	CVE-2026-55895	Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename_CVE-2026-55895 Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile() in the ...	vim	vim < 9.2.0663	Jun 25, 2026	CVE
MEDIUM 5.5	CVE-2026-55892	Vim: Out-of-bounds Write in Spell File Prefix Dump_CVE-2026-55892 Vim is an open source, command line text editor. Prior to 9.2.0662, the dump_prefixes() function in src/spell.c walks a spell-file prefix trie iter...	vim	vim < 9.2.0662	Jun 25, 2026	CVE
MEDIUM 5.7	CVE-2026-55693	Vim: Out-of-bounds Write in Spell File Word Count_CVE-2026-55693 Vim is an open source, command line text editor. Prior to 9.2.0653, the tree_count_words() function in src/spellfile.c fills in the word-count fiel...	vim	vim < 9.2.0653	Jun 25, 2026	CVE