Vim

Vim

246 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.3%
  • Veröffentlicht 11.06.2026 18:33:09
  • Zuletzt bearbeitet 15.06.2026 13:12:47

Vim is an open source, command line text editor. Prior to version 9.2.0565, the update_snapshot() function in src/terminal.c copies the visible terminal screen into the scrollback buffer when a snapshot is taken. For each screen cell it walks the cel...

  • EPSS 0.2%
  • Veröffentlicht 11.06.2026 18:32:32
  • Zuletzt bearbeitet 15.06.2026 13:32:35

Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled (and the legacy pythoncomplete.vim for builds with the +python interpre...

  • EPSS 0.22%
  • Veröffentlicht 11.06.2026 18:32:14
  • Zuletzt bearbeitet 30.06.2026 03:20:23

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave() in the netrw plugin (runtime/pack/dist/opt/netrw/autoload/netrw.vim) when serializing browsed directo...

  • EPSS 0.14%
  • Veröffentlicht 11.06.2026 18:31:44
  • Zuletzt bearbeitet 15.06.2026 13:32:14

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch() in the cucumber filetype plugin (runtime/ftplugin/cucumber.vim) on Vim builds with +ruby support. Step-definition patte...

  • EPSS 0.55%
  • Veröffentlicht 15.05.2026 14:57:31
  • Zuletzt bearbeitet 19.05.2026 12:27:28

Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip ...

Exploit
  • EPSS 0.25%
  • Veröffentlicht 08.05.2026 22:42:35
  • Zuletzt bearbeitet 09.06.2026 18:28:04

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field i...

  • EPSS 0.92%
  • Veröffentlicht 08.05.2026 22:40:49
  • Zuletzt bearbeitet 14.05.2026 13:59:30

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are execut...

  • EPSS 0.77%
  • Veröffentlicht 08.05.2026 22:38:53
  • Zuletzt bearbeitet 14.05.2026 13:55:49

Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// proto...

  • EPSS 0.5%
  • Veröffentlicht 24.04.2026 16:51:39
  • Zuletzt bearbeitet 27.04.2026 13:39:23

Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is passed through wildcard expansion to resolve env...

  • EPSS 0.62%
  • Veröffentlicht 08.04.2026 20:18:19
  • Zuletzt bearbeitet 22.04.2026 16:50:17

Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in ...