Neovim

Neovim

7 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.92%
  • Veröffentlicht 08.06.2026 04:15:11
  • Zuletzt bearbeitet 08.06.2026 14:57:14

A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possib...

Exploit
  • EPSS 0.25%
  • Veröffentlicht 08.05.2026 22:42:35
  • Zuletzt bearbeitet 09.06.2026 18:28:04

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field i...

Exploit
  • EPSS 0.21%
  • Veröffentlicht 06.02.2026 22:43:38
  • Zuletzt bearbeitet 09.06.2026 18:28:09

Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the get_tagfname() funct...

  • EPSS 0.37%
  • Veröffentlicht 13.01.2025 21:15:14
  • Zuletzt bearbeitet 09.06.2026 18:28:13

When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In P...

  • EPSS 0.35%
  • Veröffentlicht 16.08.2024 02:15:17
  • Zuletzt bearbeitet 09.06.2026 18:28:22

The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this triggers `Buf*` autocommands. If in such an autocommand the buffer that was just opened is closed (i...

Exploit
  • EPSS 1.79%
  • Veröffentlicht 01.12.2021 10:15:07
  • Zuletzt bearbeitet 29.05.2026 20:09:37

vim is vulnerable to Heap-based Buffer Overflow

Exploit
  • EPSS 19.11%
  • Veröffentlicht 05.06.2019 14:29:11
  • Zuletzt bearbeitet 11.11.2025 17:15:34

getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.