vim
252 tracked vulnerabilities.
CVE-2026-34714
CRITICAL
Vim < 9.2.0272 - Remote Code Execution via %{expr} Injection in Tabpanel
Mar 30, 2026
CVSS 9.2
EPSS 0.01
CVE-2026-33412
MEDIUM
Vim affected by Command injection via newline in glob()
Mar 24, 2026
CVSS 5.6
EPSS 0.01
CVE-2026-32249
MEDIUM
Vim 9.1.0011-9.2.0137 - Memory Corruption
Mar 12, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-28422
LOW
vim < 9.2.0078 - Stack-based Buffer Overflow in Statusline Rendering
Feb 27, 2026
CVSS 2.2
EPSS 0.00
CVE-2026-28421
MEDIUM
Vim < 9.2.0077 - Heap Buffer Overflow and Denial of Service via Swap File Recovery
Feb 27, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-28420
MEDIUM
Vim < 9.2.0076 - Heap-based Buffer Overflow in Terminal Emulator
Feb 27, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-28419
MEDIUM
vim < 9.2.0075 - Heap-Based Buffer Underflow in Emacs-Style Tags File Parser
Feb 27, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-28418
MEDIUM
Vim < 9.2.0074 - Heap-based Buffer Overflow in Emacs-style Tags File Parser
Feb 27, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-28417
MEDIUM
Vim < 9.2.0073 - OS Command Injection via netrw Plugin SCP URL Handler
Feb 27, 2026
CVSS 4.4
EPSS 0.01
CVE-2026-26269
MEDIUM
Vim < 9.1.2148 - Stack-based Buffer Overflow in NetBeans Special Keys Processing
Feb 13, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-25749
MEDIUM
Vim < 9.1.2132 - Heap-based Buffer Overflow in Tag File Resolution
Feb 06, 2026
CVSS 6.6
EPSS 0.00
CVE-2025-66476
HIGH
Vim < 9.1.1947 - Uncontrolled Search Path Element on Windows via Current Working Directory
Dec 02, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-9390
MEDIUM
vim 9.1.1459-9.1.1615 - Buffer Overflow in xxd
Aug 24, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-9389
LOW
vim 9.1.0000 - Memory Corruption in __memmove_avx_unaligned_erms
Aug 24, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-55158
HIGH
vim 9.1.1231-9.1.1406 - Double Free in Vim9 Script Import Typed Value Handling
Aug 11, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-55157
HIGH
Vim 9.1.1231-9.1.1400 - Use-After-Free in Tuple Reference Management
Aug 11, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-53906
MEDIUM
Vim < 9.1.1551 - Path Traversal and Arbitrary File Write via Zip Archive Processing
Jul 15, 2025
CVSS 4.1
EPSS 0.01
CVE-2025-53905
MEDIUM
Vim < 9.1.1552 - Path Traversal and Arbitrary File Write via tar.vim Plugin
Jul 15, 2025
CVSS 4.1
EPSS 0.00
CVE-2025-29768
MEDIUM
Vim < 9.1.1198 - Data Loss via Crafted Zip File in zip.vim
Mar 13, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-27423
HIGH
Vim 9.1.0858-9.1.1163 - Command Injection via tar.vim Plugin
Mar 03, 2025
CVSS 7.1
EPSS 0.21
CVE-2025-26603
MEDIUM
Vim < 9.1.1115 - Use-After-Free via :display Command Redirection
Feb 18, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-1215
LOW
vim < 9.1.1097 - Memory Corruption via --log Argument
Feb 12, 2025
CVSS 2.8
EPSS 0.01
CVE-2025-24014
MEDIUM
Vim < 9.1.1043 - Out-of-bounds Write via Silent Ex Mode Binary Character Handling
Jan 20, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-22134
MEDIUM
vim < 9.1.1003 - Heap-based Buffer Overflow via :all Command in Visual Mode
Jan 13, 2025
CVSS 4.2
EPSS 0.00
CVE-2024-47814
LOW
Vim < 9.1.0764 - Use-After-Free via BufWinLeave Auto Command
Oct 07, 2024
CVSS 3.9
EPSS 0.00
Quick Filters