CVE-2026-55693
- EPSS 0.13%
- Veröffentlicht 25.06.2026 15:34:33
- Zuletzt bearbeitet 26.06.2026 14:17:05
Vim is an open source, command line text editor. Prior to 9.2.0653, the tree_count_words() function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded onl...
CVE-2026-55892
- EPSS 0.12%
- Veröffentlicht 25.06.2026 15:32:41
- Zuletzt bearbeitet 26.06.2026 19:16:44
Vim is an open source, command line text editor. Prior to 9.2.0662, the dump_prefixes() function in src/spell.c walks a spell-file prefix trie iteratively with a depth counter while dumping the prefixes that apply to a word. The counter is bounded on...
CVE-2026-55895
- EPSS 0.15%
- Veröffentlicht 25.06.2026 15:31:29
- Zuletzt bearbeitet 26.06.2026 05:16:31
Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile() in the netrw plugin (runtime/pack/dist/opt/netrw/autoload/netrw.vim) when deleting a local file from the brows...
CVE-2026-57451
- EPSS 0.11%
- Veröffentlicht 25.06.2026 15:28:50
- Zuletzt bearbeitet 26.06.2026 04:11:55
Vim is an open source, command line text editor. Prior to 9.2.0670, get_text_props() in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textprop_T entries that follow. The only ch...
CVE-2026-57452
- EPSS 0.12%
- Veröffentlicht 25.06.2026 15:27:50
- Zuletzt bearbeitet 26.06.2026 04:12:32
Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (xchacha20poly1305, requires the +sodium feature) whose body is shorter than a single libsodium secretstr...
CVE-2026-57453
- EPSS 0.14%
- Veröffentlicht 25.06.2026 15:26:48
- Zuletzt bearbeitet 26.06.2026 17:16:34
Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse, read, extract, update or delete entries in a zip archive, it builds the PowerShell command...
CVE-2026-57454
- EPSS 0.12%
- Veröffentlicht 25.06.2026 15:24:54
- Zuletzt bearbeitet 26.06.2026 19:16:45
Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it ...
CVE-2026-57455
- EPSS 0.12%
- Veröffentlicht 25.06.2026 15:22:37
- Zuletzt bearbeitet 26.06.2026 04:23:21
Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spell_soundfold_sofo() in src/spell.c translates a word through a spell file's SOFO (sound-folding) byte map into a caller-owned result buffer. Its copy loo...
CVE-2026-57456
- EPSS 0.14%
- Veröffentlicht 25.06.2026 15:16:16
- Zuletzt bearbeitet 26.06.2026 05:16:31
Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion (runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim) executes reconstructed function and class definitions from the current buffer wi...
CVE-2026-52860
- EPSS 0.22%
- Veröffentlicht 11.06.2026 18:33:45
- Zuletzt bearbeitet 30.06.2026 03:20:49
Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec() as part of populating the completion dictionary. Python...