Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the `scp://` protocol handler), an attacker can execute arbitrary shell commands with the privileges of the Vim process. Version 9.2.0073 fixes the issue.
This issue has been addressed in the following products: Red Hat Enterprise Linux 10.0 Extended Update Support Via RHSA-2026:6502 https://access.redhat.com/errata/RHSA-2026:6502
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2026:6540 https://access.redhat.com/errata/RHSA-2026:6540
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2026:6539 https://access.redhat.com/errata/RHSA-2026:6539
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2026:6619 https://access.redhat.com/errata/RHSA-2026:6619
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2026:6617 https://access.redhat.com/errata/RHSA-2026:6617
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2026:6620 https://access.redhat.com/errata/RHSA-2026:6620
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2026:6730 https://access.redhat.com/errata/RHSA-2026:6730
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2026:6729 https://access.redhat.com/errata/RHSA-2026:6729
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2026:6731 https://access.redhat.com/errata/RHSA-2026:6731
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2026:6736 https://access.redhat.com/errata/RHSA-2026:6736
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2026:6915 https://access.redhat.com/errata/RHSA-2026:6915
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:7711 https://access.redhat.com/errata/RHSA-2026:7711
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:8259 https://access.redhat.com/errata/RHSA-2026:8259
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2026:7239 https://access.redhat.com/errata/RHSA-2026:7239
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.19 Via RHSA-2026:7243 https://access.redhat.com/errata/RHSA-2026:7243