vim

235 tracked vulnerabilities.

CVE-2025-53905 MEDIUM
Vim < 9.1.1552 - Path Traversal and Arbitrary File Write via tar.vim Plugin
Jul 15, 2025
CVSS 4.1
EPSS 0.00
CVE-2025-29768 MEDIUM
Vim < 9.1.1198 - Data Loss via Crafted Zip File in zip.vim
Mar 13, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-27423 HIGH
Vim 9.1.0858-9.1.1163 - Command Injection via tar.vim Plugin
Mar 03, 2025
CVSS 7.1
EPSS 0.02
CVE-2025-26603 MEDIUM
Vim < 9.1.1115 - Use-After-Free via :display Command Redirection
Feb 18, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-1215 LOW
vim < 9.1.1097 - Memory Corruption via --log Argument
Feb 12, 2025
CVSS 2.8
EPSS 0.00
CVE-2025-24014 MEDIUM
Vim < 9.1.1043 - Out-of-bounds Write via Silent Ex Mode Binary Character Handling
Jan 20, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-22134 MEDIUM
vim < 9.1.1003 - Heap-based Buffer Overflow via :all Command in Visual Mode
Jan 13, 2025
CVSS 4.2
EPSS 0.00
CVE-2024-47814 LOW
Vim < 9.1.0764 - Use-After-Free via BufWinLeave Auto Command
Oct 07, 2024
CVSS 3.9
EPSS 0.00
CVE-2024-45306 MEDIUM
vim 9.1.0038-9.1.0707 - Heap-based Buffer Overflow in Cursor Position Calculation
Sep 02, 2024
CVSS 4.5
EPSS 0.00
CVE-2024-43802 MEDIUM
Vim < 9.1.0697 - Heap-based Buffer Overflow in Typeahead Buffer Handling
Aug 26, 2024
CVSS 4.5
EPSS 0.00
CVE-2024-43790 MEDIUM
Vim 9.1.0425-9.1.0689 - Heap-based Buffer Overflow via Search Pattern with ASCII NUL Characters
Aug 22, 2024
CVSS 4.5
EPSS 0.00
CVE-2024-43374 MEDIUM
Netapp Bootstrap OS < 9.1.0678 - Use After Free
Aug 16, 2024
CVSS 4.5
EPSS 0.00
CVE-2024-41965 MEDIUM
Vim < 9.1.0648 - Double Free in dialog_changed()
Aug 01, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-41957 MEDIUM
Vim < 9.1.0647 - Double Free in Tagstack Data Handling
Aug 01, 2024
CVSS 4.5
EPSS 0.00
CVE-2024-22667 HIGH
Vim < 9.0.2142 - Stack-based Buffer Overflow in did_set_langmap
Feb 05, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-48706 LOW
Vim < 9.0.2121 - Use-After-Free via Sub-Replace-Special Atom in :s Command
Nov 22, 2023
CVSS 3.6
EPSS 0.00
CVE-2023-48237 LOW
vim < 9.0.2112 - Integer Overflow in Operator Pending Mode Line Shift
Nov 16, 2023
CVSS 2.8
EPSS 0.00
CVE-2023-48236 LOW
vim < 9.0.2111 - Integer Overflow via z= Command
Nov 16, 2023
CVSS 2.8
EPSS 0.00
CVE-2023-48235 LOW
vim < 9.0.2110 - Integer Overflow in Relative Ex Address Parsing
Nov 16, 2023
CVSS 2.8
EPSS 0.00
CVE-2023-48234 LOW
vim < 9.0.2109 - Integer Overflow via Normal Mode z Command Count
Nov 16, 2023
CVSS 2.8
EPSS 0.00
CVE-2023-48233 LOW
vim < 9.0.2108 - Integer Overflow via :s Command Count
Nov 16, 2023
CVSS 2.8
EPSS 0.00
CVE-2023-48232 LOW
Vim < 9.0.2107 - Denial of Service via Floating Point Exception in Smooth Scrolling
Nov 16, 2023
CVSS 3.9
EPSS 0.00
CVE-2023-48231 LOW
vim < 9.0.2106 - Use-After-Free in Window Close Operation
Nov 16, 2023
CVSS 3.9
EPSS 0.00
CVE-2023-46246 MEDIUM
vim < 9.0.2068 - Use-After-Free via Integer Overflow in History Command
Oct 27, 2023
CVSS 4.0
EPSS 0.00
CVE-2023-5535 HIGH
vim < 9.0.2010 - Use-After-Free
Oct 11, 2023
CVSS 7.8
EPSS 0.00
Products
vim 232 gvim 2 Vim 1 netrw 1 tar.vim 1 zipplugin.vim 1
Quick Filters
Critical CVEs With Exploits In CISA KEV