QSearchQSearch

CVE-2026-25749

6.6 MEDIUM

Vim is an open source, command line text editor

Published: 2026-02-06 · Last updated: 2026-06-09

Severity and scoring

CVSS
6.6 MEDIUM
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
CWE
CWE-122

Affected products

VendorProduct
neovimneovim, vim
vimneovim, vim

Description

Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the get_tagfname() function in src/tag.c. When processing help file tags, Vim copies the user-controlled 'helpfile' option value into a fixed-size heap buffer of MAXPATHL + 1 bytes (typically 4097 bytes) using an unsafe STRCPY() operation without any bounds checking. This issue has been patched in version 9.1.2132.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-46483 Vim is an open source, command line text editor (3.6 LOW)
  • CVE-2026-45130 Vim is an open source, command line text editor (6.6 MEDIUM)
  • CVE-2025-22134 When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because... (4.2 MEDIUM)
  • CVE-2024-43374 The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling (4.5 MEDIUM)
  • CVE-2021-4019 vim is vulnerable to Heap-based Buffer Overflow (7.8 HIGH)

Same CWE

  • CVE-2026-53465 ImageMagick is free and open-source software used for editing and manipulating digital images (6.2 MEDIUM)
  • CVE-2026-48994 ImageMagick is free and open-source software used for editing and manipulating digital images (5.9 MEDIUM)
  • CVE-2026-46692 ImageMagick is free and open-source software used for editing and manipulating digital images (4.1 MEDIUM)
  • CVE-2026-46520 ImageMagick is free and open-source software used for editing and manipulating digital images (7.5 HIGH)
  • CVE-2026-2049 GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (7.8 HIGH)