VYPR

Vim

by Vim

CVEs (257)

  • CVE-2026-35177 | Med | Apr 6, 2026
    risk 0.27 | cvss 4.1 | epss 0.00

    Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives, circumventing the previous fix for CVE-2025-53906. This vulnerability is fixed…

  • CVE-2026-39881 | Med | Apr 8, 2026
    risk 0.26 | cvss 5.0 | epss 0.01

    Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in the defineAnnoType and…

  • CVE-2026-42307 | Med | May 8, 2026
    risk 0.22 | cvss 4.4 | epss 0.01

    Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker…

  • CVE-2024-43802 | Med | Aug 26, 2024
    risk 0.22 | cvss 4.5 | epss 0.00

    Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off…

  • CVE-2024-43374 | Med | Aug 16, 2024
    risk 0.22 | cvss 4.5 | epss 0.00

    The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this triggers `Buf*` autocommands. If in such an autocommand the buffer that was just opened is closed (including the window where it…

  • CVE-2025-9389 | Low | Aug 24, 2025
    risk 0.21 | cvss 3.3 | epss 0.00

    A vulnerability was identified in vim 9.1.0000. Affected is the function __memmove_avx_unaligned_erms of the file memmove-vec-unaligned-erms.S. The manipulation leads to memory corruption. The attack needs to be performed locally. The exploit is publicly available and might be…

  • CVE-2025-53906 | Med | Jul 15, 2025
    risk 0.20 | cvss 4.1 | epss 0.01

    Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction.…

  • CVE-2025-22134 | Med | Jan 13, 2025
    risk 0.20 | cvss 4.2 | epss 0.00

    When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will…

  • CVE-2026-46483 | Low | May 15, 2026
    risk 0.16 | cvss 3.6 | epss 0.01

    Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using…

  • CVE-2019-12735 | Jun 5, 2019
    risk 0.05 | cvss n/a | epss 0.19

    getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.

  • CVE-2008-3076 | Feb 21, 2009
    risk 0.04 | cvss n/a | epss 0.09

    The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test…

  • CVE-2008-3432 | Oct 10, 2008
    risk 0.04 | cvss n/a | epss 0.09

    Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case.

  • CVE-2008-4101 | Sep 18, 2008
    risk 0.04 | cvss n/a | epss 0.09

    Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by…

  • CVE-2008-2712 | Jun 16, 2008
    risk 0.04 | cvss n/a | epss 0.15

    Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, and…

  • CVE-2001-0409 | Jun 18, 2001
    risk 0.03 | cvss n/a | epss 0.01

    vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.

  • CVE-2025-27423 | Mar 3, 2025
    risk 0.02 | cvss n/a | epss 0.21

    Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor…

  • CVE-2022-0572 | Feb 13, 2022
    risk 0.02 | cvss n/a | epss 0.27

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

  • CVE-2022-0714 | Feb 22, 2022
    risk 0.01 | cvss n/a | epss 0.13

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.

  • CVE-2026-57456 | Jun 26, 2026
    risk 0.00 | cvss n/a | epss 0.00

    Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion (runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim) executes reconstructed function and class definitions from the current buffer with exec() as part of…

  • CVE-2026-57451 | Jun 26, 2026
    risk 0.00 | cvss n/a | epss 0.00

    Vim is an open source, command line text editor. Prior to 9.2.0670, get_text_props() in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textprop_T entries that follow. The only check is a floor that…

Page 2 of 13