StackPatch is liveSee product

Back to CVE digest
CVE-2026-35177 · cross-distro fix matrix

CVE-2026-35177: Michał Majchrowicz discovered that Vim's zip plugin could overwrite

Affects 5 Linux releases across 50 (distro × package) combinations. First disclosed: 2026-04-27.

Fix per ecosystem

Each block below is a distro release where CVE-2026-35177 has a known fix. Run the listed command on that distro to remediate.

Ubuntu bionic

Source: Ubuntu USN

  • vim→ fixed in2:8.0.1453-1ubuntu1.13+esm16USN-8213-1
    sudo apt-get install --only-upgrade -y vim
  • vim-athena→ fixed in2:8.0.1453-1ubuntu1.13+esm16USN-8213-1
    sudo apt-get install --only-upgrade -y vim-athena
  • vim-common→ fixed in2:8.0.1453-1ubuntu1.13+esm16USN-8213-1
    sudo apt-get install --only-upgrade -y vim-common
  • vim-doc→ fixed in2:8.0.1453-1ubuntu1.13+esm16USN-8213-1
    sudo apt-get install --only-upgrade -y vim-doc
  • vim-gnome→ fixed in2:8.0.1453-1ubuntu1.13+esm16USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gnome
  • vim-gtk→ fixed in2:8.0.1453-1ubuntu1.13+esm16USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gtk
  • vim-gtk3→ fixed in2:8.0.1453-1ubuntu1.13+esm16USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gtk3
  • vim-gui-common→ fixed in2:8.0.1453-1ubuntu1.13+esm16USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gui-common
  • vim-nox→ fixed in2:8.0.1453-1ubuntu1.13+esm16USN-8213-1
    sudo apt-get install --only-upgrade -y vim-nox
  • vim-runtime→ fixed in2:8.0.1453-1ubuntu1.13+esm16USN-8213-1
    sudo apt-get install --only-upgrade -y vim-runtime
  • vim-tiny→ fixed in2:8.0.1453-1ubuntu1.13+esm16USN-8213-1
    sudo apt-get install --only-upgrade -y vim-tiny
  • xxd→ fixed in2:8.0.1453-1ubuntu1.13+esm16USN-8213-1
    sudo apt-get install --only-upgrade -y xxd

Ubuntu focal

Source: Ubuntu USN

  • vim→ fixed in2:8.1.2269-1ubuntu5.32+esm4USN-8213-1
    sudo apt-get install --only-upgrade -y vim
  • vim-athena→ fixed in2:8.1.2269-1ubuntu5.32+esm4USN-8213-1
    sudo apt-get install --only-upgrade -y vim-athena
  • vim-common→ fixed in2:8.1.2269-1ubuntu5.32+esm4USN-8213-1
    sudo apt-get install --only-upgrade -y vim-common
  • vim-doc→ fixed in2:8.1.2269-1ubuntu5.32+esm4USN-8213-1
    sudo apt-get install --only-upgrade -y vim-doc
  • vim-gtk→ fixed in2:8.1.2269-1ubuntu5.32+esm4USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gtk
  • vim-gtk3→ fixed in2:8.1.2269-1ubuntu5.32+esm4USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gtk3
  • vim-gui-common→ fixed in2:8.1.2269-1ubuntu5.32+esm4USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gui-common
  • vim-nox→ fixed in2:8.1.2269-1ubuntu5.32+esm4USN-8213-1
    sudo apt-get install --only-upgrade -y vim-nox
  • vim-runtime→ fixed in2:8.1.2269-1ubuntu5.32+esm4USN-8213-1
    sudo apt-get install --only-upgrade -y vim-runtime
  • vim-tiny→ fixed in2:8.1.2269-1ubuntu5.32+esm4USN-8213-1
    sudo apt-get install --only-upgrade -y vim-tiny
  • xxd→ fixed in2:8.1.2269-1ubuntu5.32+esm4USN-8213-1
    sudo apt-get install --only-upgrade -y xxd

Ubuntu jammy

Source: Ubuntu USN

  • vim→ fixed in2:8.2.3995-1ubuntu2.28USN-8213-1
    sudo apt-get install --only-upgrade -y vim
  • vim-athena→ fixed in2:8.2.3995-1ubuntu2.28USN-8213-1
    sudo apt-get install --only-upgrade -y vim-athena
  • vim-common→ fixed in2:8.2.3995-1ubuntu2.28USN-8213-1
    sudo apt-get install --only-upgrade -y vim-common
  • vim-doc→ fixed in2:8.2.3995-1ubuntu2.28USN-8213-1
    sudo apt-get install --only-upgrade -y vim-doc
  • vim-gtk→ fixed in2:8.2.3995-1ubuntu2.28USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gtk
  • vim-gtk3→ fixed in2:8.2.3995-1ubuntu2.28USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gtk3
  • vim-gui-common→ fixed in2:8.2.3995-1ubuntu2.28USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gui-common
  • vim-nox→ fixed in2:8.2.3995-1ubuntu2.28USN-8213-1
    sudo apt-get install --only-upgrade -y vim-nox
  • vim-runtime→ fixed in2:8.2.3995-1ubuntu2.28USN-8213-1
    sudo apt-get install --only-upgrade -y vim-runtime
  • vim-tiny→ fixed in2:8.2.3995-1ubuntu2.28USN-8213-1
    sudo apt-get install --only-upgrade -y vim-tiny
  • xxd→ fixed in2:8.2.3995-1ubuntu2.28USN-8213-1
    sudo apt-get install --only-upgrade -y xxd

Ubuntu noble

Source: Ubuntu USN

  • vim→ fixed in2:9.1.0016-1ubuntu7.12USN-8213-1
    sudo apt-get install --only-upgrade -y vim
  • vim-athena→ fixed in2:9.1.0016-1ubuntu7.12USN-8213-1
    sudo apt-get install --only-upgrade -y vim-athena
  • vim-common→ fixed in2:9.1.0016-1ubuntu7.12USN-8213-1
    sudo apt-get install --only-upgrade -y vim-common
  • vim-doc→ fixed in2:9.1.0016-1ubuntu7.12USN-8213-1
    sudo apt-get install --only-upgrade -y vim-doc
  • vim-gtk3→ fixed in2:9.1.0016-1ubuntu7.12USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gtk3
  • vim-gui-common→ fixed in2:9.1.0016-1ubuntu7.12USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gui-common
  • vim-motif→ fixed in2:9.1.0016-1ubuntu7.12USN-8213-1
    sudo apt-get install --only-upgrade -y vim-motif
  • vim-nox→ fixed in2:9.1.0016-1ubuntu7.12USN-8213-1
    sudo apt-get install --only-upgrade -y vim-nox
  • vim-runtime→ fixed in2:9.1.0016-1ubuntu7.12USN-8213-1
    sudo apt-get install --only-upgrade -y vim-runtime
  • vim-tiny→ fixed in2:9.1.0016-1ubuntu7.12USN-8213-1
    sudo apt-get install --only-upgrade -y vim-tiny
  • xxd→ fixed in2:9.1.0016-1ubuntu7.12USN-8213-1
    sudo apt-get install --only-upgrade -y xxd

Ubuntu questing

Source: Ubuntu USN

  • vim→ fixed in2:9.1.0967-1ubuntu6.3USN-8213-1
    sudo apt-get install --only-upgrade -y vim
  • vim-athena→ fixed in2:9.1.0967-1ubuntu6.3USN-8213-1
    sudo apt-get install --only-upgrade -y vim-athena
  • vim-common→ fixed in2:9.1.0967-1ubuntu6.3USN-8213-1
    sudo apt-get install --only-upgrade -y vim-common
  • vim-doc→ fixed in2:9.1.0967-1ubuntu6.3USN-8213-1
    sudo apt-get install --only-upgrade -y vim-doc
  • vim-gtk3→ fixed in2:9.1.0967-1ubuntu6.3USN-8213-1
    sudo apt-get install --only-upgrade -y vim-gtk3
Are YOU affected by CVE-2026-35177?

5-second check on your actual server. Reads /etc/os-release, uname -r, and the distro's package manager; matches against this same cross-source index live.

curl https://mindsparkstack.com/scan.sh | bash
Form-based quickscan View on NVD
Continuous monitoring beats manual checking

CVE-2026-35177dropped silently in your distro's update channel. Every new CVE is the same story. StackPatch runs the matcher hourly against all 5 sources and emails the exact remediation when something new applies to one of your servers. $99 lifetime, 50 founder seats, 30-day refund.

See StackPatch ($99 lifetime)