VYPR
Unrated severityNVD Advisory· Published Feb 27, 2026· Updated Mar 2, 2026

Vim has Heap-based Buffer Overflow and OOB Read in :terminal

CVE-2026-28420

Description

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue.

Affected products

21

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.