vim
252 tracked vulnerabilities.
CVE-2026-59858
HIGH
Vim: Arbitrary Code Execution via C Omni-Completion
Jul 09, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-59857
MEDIUM
Vim < 9.2.0725 - SAL Soundfolding Out-of-Bounds Write
Jul 09, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-59856
HIGH
Vim: Arbitrary Code Execution via PHP Omni-Completion
Jul 09, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-57456
HIGH
Vim: Arbitrary Code Execution via Python Omni-Completion Docstrings
Jun 25, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-57455
HIGH
Vim: Stack out-of-bounds write in `spell_soundfold_sofo()` via an over-length `soundfold()` argument
Jun 25, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-57454
MEDIUM
Vim: Out-of-bounds Read with Text Properties
Jun 25, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-57453
MEDIUM
Vim: PowerShell Command Injection via Unescaped Filename in zip.vim Extraction
Jun 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-57452
MEDIUM
Vim: Out-of-bounds Read with libsodium-encrypted Files
Jun 25, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-57451
MEDIUM
Vim: Out-of-bounds Read in Text Property Count
Jun 25, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-55895
HIGH
Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename
Jun 25, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-55892
MEDIUM
Vim: Out-of-bounds Write in Spell File Prefix Dump
Jun 25, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-55693
HIGH
Vim: Out-of-bounds Write in Spell File Word Count
Jun 25, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-52860
HIGH
Vim: Arbitrary Code Execution via Python Omni-Completion
Jun 11, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-52859
HIGH
Vim: Out-of-bounds Read in Terminal Screen Snapshot
Jun 11, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-52858
HIGH
Vim: Arbitrary Code Execution via Python Omni-Completion
Jun 11, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-47167
MEDIUM
Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex
Jun 11, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-47162
HIGH
Vim: Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name
Jun 11, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-46483
LOW
Vim: Command injection in tar#Vimuntar via missing shellescape {special} flag
May 15, 2026
CVSS 3.6
EPSS 0.01
CVE-2026-45130
MEDIUM
Vim: Heap Buffer Overflow in spell file loading
May 08, 2026
CVSS 6.6
EPSS 0.00
CVE-2026-44656
MEDIUM
Vim path Completion - OS Command Injection
May 08, 2026
CVSS 5.3
EPSS 0.01
CVE-2026-42307
MEDIUM
Vim netrw - OS Command Injection
May 08, 2026
CVSS 4.4
EPSS 0.01
CVE-2026-41411
MEDIUM
Vim < 9.2.0357 - OS Command Injection via Tag File Processing
Apr 24, 2026
CVSS 6.6
EPSS 0.01
CVE-2026-39881
MEDIUM
Vim Ex command injection in Vims NetBeans integration
Apr 08, 2026
CVSS 5.0
EPSS 0.01
CVE-2026-35177
MEDIUM
Vim < 9.2.0280 zip.vim - Path Traversal Arbitrary File Overwrite
Apr 06, 2026
CVSS 4.1
EPSS 0.00
CVE-2026-34982
HIGH
Vim modeline bypass via various options affects Vim < 9.2.0276
Apr 06, 2026
CVSS 8.2
EPSS 0.00
Quick Filters