Detections
Analytics

SUSE SLES12 Security Update : vim (SUSE-SU-2026:1764-1)

high Nessus Plugin ID 313684

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1764-1 advisory.

 This update for vim fixes the following issue:

 Security fixes:

 - CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes (bsc#1261833).

 Other fixes:

 - Update to 9.2.0398.
 * 9.2.0398: MS-Windows: missing strptime() support
 * 9.2.0397: tabpanel: double-click opens a new tab
 * 9.2.0396: tests: Test_error_callback_terminal is flaky on macOS
 * 9.2.0395: tests: Test_backupskip() may read from $HOME
 * 9.2.0394: xxd: offsets greater than LONG_MAX print as negative
 * 9.2.0393: MS-Windows: link error with XPM support on UCRT64
 * 9.2.0392: tests: Some tests are flaky
 * 9.2.0391: tests: Comment in test_vim9_cmd breaks syntax highlighting
 * 9.2.0390: filetype: some Beancount files are not recognized
 * 9.2.0389: DECRQM still leaves stray 'pp' on Apple Terminal.app
 * 9.2.0388: strange indent in update_topline()
 * 9.2.0387: DECRQM request may leave stray chars in terminal
 * 9.2.0386: No scroll/scrollbar support in the tabpanel
 * 9.2.0385: Integer overflow with 'ze' and large 'sidescrolloff'
 * 9.2.0384: stale Insstart after <Cmd> cursor move breaks undo
 * 9.2.0383: [security]: runtime(netrw): shell-injection via sftp: and file: URLs
 * 9.2.0382: Wayland: focus-stealing is non-working
 * 9.2.0381: Vim9: Missing check_secure() in exec_instructions()
 * 9.2.0380: completion: a few issues in completion code
 * 9.2.0379: gui.color_approx is never used
 * 9.2.0378: Using int as bool type in win_T struct
 * 9.2.0377: Using int as bool type in gui_T struct
 * 9.2.0376: Vim9: elseif condition compiled in dead branch
 * 9.2.0375: prop_find() does not find a virt text in starting line
 * 9.2.0374: c_CTRL-{G,T} does not handle offset
 * 9.2.0373: Ctrl-R mapping not triggered during completion
 * 9.2.0372: pum: rendering issues with multibyte text and opacity
 * 9.2.0371: filetype: ghostty config files are not recognized
 * 9.2.0370: duplicate code with literal string_T assignment
 * 9.2.0369: multiple definitions of STRING_INIT macro
 * 9.2.0368: too many strlen() calls when adding strings to dicts
 * 9.2.0367: runtime(netrw): ~ note expanded on MS Windows
 * 9.2.0366: pum: flicker when updating pum in place
 * 9.2.0365: using int as bool
 * 9.2.0364: tests: test_smoothscroll_textoff_showbreak() fails
 * 9.2.0363: Vim9: variable shadowed by script-local function
 * 9.2.0362: division by zero with smoothscroll and small windows
 * 9.2.0361: tests: no tests for ch_listen() with IPs
 * 9.2.0360: Cannot handle mouse-clicks in the tabpanel
 * 9.2.0359: wrong VertSplitNC highlighting on winbar
 * 9.2.0358: runtime(vimball): still path traversal attacks possible
 * 9.2.0357: [security]: command injection via backticks in tag files
 * 9.2.0356: Cannot apply 'scrolloff' context lines at end of file
 * 9.2.0355: runtime(tar): missing path traversal checks in tar#Extract()
 * 9.2.0354: filetype: not all Bitbake include files are recognized
 * 9.2.0353: Missing out-of-memory check in register.c
 * 9.2.0352: 'winhighlight' of left window blends into right window
 * 9.2.0351: repeat_string() can be improved
 * 9.2.0350: Enabling modelines poses a risk
 * 9.2.0349: cannot style non-current window separator
 * 9.2.0348: potential buffer underrun when setting statusline like option
 * 9.2.0347: Vim9: script-local variable not found
 * 9.2.0346: Wrong cursor position when entering command line window
 * 9.2.0345: Wrong autoformatting with 'autocomplete'
 * 9.2.0344: channel: ch_listen() can bind to network interface
 * 9.2.0343: tests: test_clientserver may fail on slower systems
 * 9.2.0342: tests: test_excmd.vim leaves swapfiles behind
 * 9.2.0341: some functions can be run from the sandbox
 * 9.2.0340: pum_redraw() may cause flicker
 * 9.2.0339: regexp: nfa_regmatch() allocates and frees too often
 * 9.2.0338: Cannot handle mouseclicks in the tabline
 * 9.2.0337: list indexing broken on big-endian 32-bit platforms
 * 9.2.0336: libvterm: no terminal reflow support
 * 9.2.0335: json_encode() uses recursive algorithm
 * 9.2.0334: GTK: window geometry shrinks with with client-side decorations
 * 9.2.0333: filetype: PklProject files are not recognized
 * 9.2.0332: popup: still opacity rendering issues
 * 9.2.0331: spellfile: stack buffer overflows in spell file generation
 * 9.2.0330: tests: some patterns in tar and zip plugin tests not strict enough
 * 9.2.0329: tests: test_indent.vim leaves swapfiles behind
 * 9.2.0328: Cannot handle mouseclicks in the statusline
 * 9.2.0327: filetype: uv scripts are not detected
 * 9.2.0326: runtime(tar): but with dotted path
 * 9.2.0325: runtime(tar): bug in zstd handling
 * 9.2.0324: 0x9b byte not unescaped in <Cmd> mapping
 * 9.2.0323: filetype: buf.lock files are not recognized
 * 9.2.0322: tests: test_popupwin fails
 * 9.2.0321: MS-Windows: No OpenType font support
 * 9.2.0320: several bugs with text properties
 * 9.2.0319: popup: rendering issues with partially transparent popups
 * 9.2.0318: cannot configure opacity for popup menu
 * 9.2.0317: listener functions do not check secure flag
 * 9.2.0316: [security]: command injection in netbeans interface via defineAnnoType
 * 9.2.0315: missing bound-checks
 * 9.2.0314: channel: can bind to all network interfaces
 * 9.2.0313: Callback channel not registered in GUI
 * 9.2.0312: C-type names are marked as translatable
 * 9.2.0311: redrawing logic with text properties can be improved
 * 9.2.0310: unnecessary work in vim_strchr() and find_term_bykeys()
 * 9.2.0309: Missing out-of-memory check to may_get_cmd_block()
 * 9.2.0308: Error message E1547 is wrong
 * 9.2.0307: more mismatches between return types and documentation
 * 9.2.0306: runtime(tar): some issues with lz4 support
 * 9.2.0305: mismatch between return types and documentation
 * 9.2.0304: tests: test for 9.2.0285 doesn't always fail without the fix
 * 9.2.0303: tests: zip plugin tests don't check for warning message properly
 * 9.2.0302: runtime(netrw): RFC2396 decoding double escaping spaces
 * 9.2.0301: Vim9: void function return value inconsistent
 * 9.2.0300: The vimball plugin needs some love
 * 9.2.0299: runtime(zip): may write using absolute paths
 * 9.2.0298: Some internal variables are not modified
 * 9.2.0297: libvterm: can improve CSI overflow code
 * 9.2.0296: Redundant and incorrect integer pointer casts in drawline.c
 * 9.2.0295: 'showcmd' shows wrong Visual block size with 'linebreak'
 * 9.2.0294: if_lua: lua interface does not work with lua 5.5
 * 9.2.0293: :packadd may lead to heap-buffer-overflow
 * 9.2.0292: E340 internal error when using method call on void value
 * 9.2.0291: too many strlen() calls
 * 9.2.0290: Amiga: no support for AmigaOS 3.x
 * 9.2.0289: 'linebreak' may lead to wrong Visual block highlighting
 * 9.2.0288: libvterm: signed integer overflow parsing long CSI args
 * 9.2.0287: filetype: not all ObjectScript routines are recognized
 * 9.2.0286: still some unnecessary (int) casts in alloc()
 * 9.2.0285: :syn sync grouphere may go beyond end of line
 * 9.2.0284: tabpanel: crash when tabpanel expression returns variable line count
 * 9.2.0283: unnecessary (int) casts before alloc() calls
 * 9.2.0282: tests: Test_viminfo_len_overflow() fails
 * 9.2.0281: tests: Test_netrw_FileUrlEdit.. fails on Windows

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected gvim, vim, vim-data and / or vim-data-common packages.

See Also

https://bugzilla.suse.com/1261833

https://lists.suse.com/pipermail/sle-updates/2026-May/046318.html

https://www.suse.com/security/cve/CVE-2026-39881

Plugin Details

Severity: High

ID: 313684

File Name: suse_SU-2026-1764-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 5/10/2026

Updated: 5/10/2026

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-39881

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:vim-data, p-cpe:/a:novell:suse_linux:gvim, p-cpe:/a:novell:suse_linux:vim, p-cpe:/a:novell:suse_linux:vim-data-common

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/8/2026

Vulnerability Publication Date: 4/8/2026

Reference Information

CVE: CVE-2026-39881

IAVA: 2026-A-0325-S

SuSE: SUSE-SU-2026:1764-1