CVE-2026-35177
Description
RHSA-2026:22717: vim security update (Moderate)
Description
vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass
Red Hat statement
There's a flaw in the `zip.vim` plugin in Vim, allowing a local attacker to overwrite arbitrary files. A user must be tricked into opening a specially crafted zip archive for exploitation, potentially compromising data integrity or the system. When successfully exploited, this vulnerability enables the attacker to overwrite arbitrary files or inject code in sensitive system locations; the impact of the exploitation depends on the privileges with which the `vim` process is being executed. Sensitive or privileged files are only susceptible to being overwritten if the `vim` process is being executed by a highly privileged user. The Red Hat Product Security team has rated this vulnerability as having an impact of MODERATE; this decision was made based on the fact that the user needs to be tricked into opening a maliciously crafted file in order for a successful attack to be performed. Additionally, the impact will be limited to files to which the user running the `vim` process has write permissions.
CVSS v3: 4.1 (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L)
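As an added example (not code from Vim, zip.vim or Red Hat), the kind of check an archive handler or a detection script can apply to member names before anything is written to disk: reject absolute paths, drive prefixes and parent references, and independently confirm where the member would actually land. The destination directory and the sample archive are constructed for the demonstration.

```python
import io
import posixpath
import zipfile

# Constructed sample archive for the demonstration (not a real exploit
# artefact): benign members alongside names that would escape the
# extraction directory if written without checks.
SAMPLE_MEMBERS = [
    "README.txt",
    "src/main.c",
    "../../etc/outside.conf",    # parent references
    "/abs/outside.txt",          # absolute path
    "docs/../../outside.md",     # escapes only after normalisation
    "win\\..\\..\\outside.bat",  # backslash separators
    "C:/outside.txt",            # drive-letter prefix
]

def build_sample_zip() -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in SAMPLE_MEMBERS:
            zf.writestr(name, b"x")  # member names are stored verbatim
    return buf.getvalue()

def unsafe_reason(name, dest="/tmp/extract"):
    """Return None if `name` is safe to extract under `dest`, else why not."""
    unified = name.replace("\\", "/")  # backslashes must not hide '..'
    if unified.startswith("/"):
        return "absolute path"
    if len(unified) > 1 and unified[1] == ":":
        return "drive-letter prefix"
    if ".." in unified.split("/"):
        return "parent-directory reference"
    # Independent second check on where the member would actually land,
    # so a gap in the string checks above cannot become a bypass.
    base = dest.rstrip("/") + "/"
    target = posixpath.normpath(posixpath.join(base, unified))
    if not target.startswith(base):
        return "resolves outside destination"
    return None

def find_traversal_entries(zip_bytes):
    """Map each member name that fails unsafe_reason() to its reason."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        found = ((i.filename, unsafe_reason(i.filename)) for i in zf.infolist())
        return {name: why for name, why in found if why is not None}
```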
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 10 | vim-2:9.1.083-9.el10_2.3 | RHSA-2026:22711 | 2026-06-03T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | vim | Affected |
| Red Hat Enterprise Linux 7 | vim | Affected |
| Red Hat Enterprise Linux 8 | vim | Affected |
| Red Hat Enterprise Linux 9 | vim | Affected |
| Red Hat OpenShift Container Platform 4 | rhcos | Affected |
Apply commands
```sh
yum update -y vim
# or:
dnf upgrade -y vim
```
Affected
| Vendor | Product | Status |
|---|---|---|
| redhat | Red Hat Enterprise Linux 6 | Affected |
| redhat | Red Hat Enterprise Linux 7 | Affected |
| redhat | Red Hat Enterprise Linux 8 | Affected |
| redhat | Red Hat Enterprise Linux 9 | Affected |
| redhat | Red Hat OpenShift Container Platform 4 | Affected |
OS impact
SUSE: Affected (1 release)
| Version | Status | Fixed in |
|---|---|---|
| n/a | Affected | n/a |
Debian: Mixed (5 releases)
| Version | Status | Fixed in |
|---|---|---|
| trixie | Affected | n/a |
| sid | Fixed | 2:9.2.0315-1 |
| forky | Fixed | 2:9.2.0315-1 |
| bullseye | Affected | n/a |
| bookworm | Affected | n/a |
Red Hat: Fixed (2 releases)
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | n/a |
| 8 | Fixed | n/a |