Vim

Vim

246 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.13%
  • Veröffentlicht 06.04.2026 17:54:42
  • Zuletzt bearbeitet 20.04.2026 18:28:03

Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives, circumventing the previous fix for CVE-2025-53906. ...

Medienbericht
  • EPSS 0.47%
  • Veröffentlicht 06.04.2026 15:16:48
  • Zuletzt bearbeitet 07.07.2026 12:16:39

Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The `complete`, `guitabtooltip` and `printheader` options are missing...

Medienbericht
  • EPSS 0.59%
  • Veröffentlicht 30.03.2026 18:27:55
  • Zuletzt bearbeitet 30.06.2026 03:18:57

Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE.

  • EPSS 0.83%
  • Veröffentlicht 24.03.2026 19:43:07
  • Zuletzt bearbeitet 30.06.2026 03:18:39

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob() function on Unix-like systems. By including a newline character (\n) in a pattern passed to glob(), an attacker may b...

  • EPSS 0.13%
  • Veröffentlicht 12.03.2026 19:17:23
  • Zuletzt bearbeitet 18.03.2026 11:50:06

Vim is an open source, command line text editor. From 9.1.0011 to before 9.2.0137, Vim's NFA regex compiler, when encountering a collection containing a combining character as the endpoint of a character range (e.g. [0-0\u05bb]), incorrectly emits th...

  • EPSS 0.17%
  • Veröffentlicht 27.02.2026 22:16:25
  • Zuletzt bearbeitet 04.03.2026 21:22:05

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim...

  • EPSS 0.18%
  • Veröffentlicht 27.02.2026 22:16:25
  • Zuletzt bearbeitet 04.03.2026 20:47:23

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. ...

  • EPSS 0.18%
  • Veröffentlicht 27.02.2026 22:16:25
  • Zuletzt bearbeitet 04.03.2026 20:47:36

Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks wi...

  • EPSS 0.14%
  • Veröffentlicht 27.02.2026 22:16:25
  • Zuletzt bearbeitet 04.03.2026 20:44:22

Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in `build_stl_str_hl()` when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issu...

  • EPSS 0.22%
  • Veröffentlicht 27.02.2026 21:58:37
  • Zuletzt bearbeitet 03.03.2026 17:49:55

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up...