CVE-2025-55158
- EPSS 0.33%
- Veröffentlicht 11.08.2025 22:54:12
- Zuletzt bearbeitet 12.08.2025 18:49:05
Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typ...
CVE-2025-53906
- EPSS 0.73%
- Veröffentlicht 15.07.2025 20:52:40
- Zuletzt bearbeitet 01.04.2026 19:16:24
Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requir...
CVE-2025-53905
- EPSS 0.24%
- Veröffentlicht 15.07.2025 20:48:34
- Zuletzt bearbeitet 04.11.2025 22:16:27
Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requir...
CVE-2025-29768
- EPSS 0.34%
- Veröffentlicht 13.03.2025 17:15:37
- Zuletzt bearbeitet 18.08.2025 14:14:27
Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange ...
CVE-2025-27423
- EPSS 20.78%
- Veröffentlicht 03.03.2025 17:15:15
- Zuletzt bearbeitet 18.08.2025 18:20:37
Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line t...
CVE-2025-26603
- EPSS 0.22%
- Veröffentlicht 18.02.2025 19:15:29
- Zuletzt bearbeitet 18.08.2025 18:23:32
Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:disp...
CVE-2025-1215
- EPSS 0.49%
- Veröffentlicht 12.02.2025 19:15:10
- Zuletzt bearbeitet 13.08.2025 17:28:19
A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the l...
CVE-2025-24014
- EPSS 0.26%
- Veröffentlicht 20.01.2025 23:15:07
- Zuletzt bearbeitet 14.08.2025 01:40:54
Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger ...
CVE-2025-22134
- EPSS 0.37%
- Veröffentlicht 13.01.2025 21:15:14
- Zuletzt bearbeitet 09.06.2026 18:28:13
When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In P...
CVE-2024-47814
- EPSS 0.29%
- Veröffentlicht 07.10.2024 22:15:03
- Zuletzt bearbeitet 03.11.2025 21:16:30
Vim is an open source, command line text editor. A use-after-free was found in Vim < 9.1.0764. When closing a buffer (visible in a window) a BufWinLeave auto command can cause an use-after-free if this auto command happens to re-open the same buffer ...