CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2025-9390 – vim xxd xxd.c main buffer overflow
https://notcve.org/view.php?id=CVE-2025-9390
24 Aug 2025 — A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. • https://vuldb.com/?id.321223 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2025-9389 – vim memmove-vec-unaligned-erms.S __memmove_avx_unaligned_erms memory corruption
https://notcve.org/view.php?id=CVE-2025-9389
24 Aug 2025 — A vulnerability was identified in vim 9.1.0000. Affected is the function __memmove_avx_unaligned_erms of the file memmove-vec-unaligned-erms.S. The manipulation leads to memory corruption. The attack needs to be performed locally. The exploit is publicly available and might be used. • https://vuldb.com/?id.321222 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-55157 – Vim heap use-after-free vulnerability when processing recursive tuple data types
https://notcve.org/view.php?id=CVE-2025-55157
11 Aug 2025 — Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in v... • https://github.com/vim/vim/commit/1307743697bbc46e1518abfea7f89caa95bcaf97 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-55158 – Vim double-free vulnerability during Vim9 script import operations
https://notcve.org/view.php?id=CVE-2025-55158
11 Aug 2025 — Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly ope... • https://github.com/vim/vim/commit/9772025d24e939fd84b85748ce35c26874c05775 • CWE-415: Double Free •
CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-53906 – Vim has path traversal issue with zip.vim and special crafted zip archives
https://notcve.org/view.php?id=CVE-2025-53906
15 Jul 2025 — Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim... • https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-53905 – Vim has path traversial issue with tar.vim and special crafted tar files
https://notcve.org/view.php?id=CVE-2025-53905
15 Jul 2025 — Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim... • https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29768 – Vim vulnerable to potential data loss with zip.vim and special crafted zip files
https://notcve.org/view.php?id=CVE-2025-29768
13 Mar 2025 — Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198. • https://github.com/vim/vim/commit/f209dcd3defb95bae21b2740910e6aa7bb940531 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27423 – Improper Input Validation in Vim
https://notcve.org/view.php?id=CVE-2025-27423
03 Mar 2025 — Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, wh... • https://github.com/vim/vim/commit/129a8446d23cd9cb4445fcfea259cba5e0487d29 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 4.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26603 – heap-use-after-free in function str_to_reg in vim/vim
https://notcve.org/view.php?id=CVE-2025-26603
18 Feb 2025 — Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the cont... • https://github.com/vim/vim/commit/c0f0e2380e5954f4a52a131bf6b8 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2025-1215 – vim main.c memory corruption
https://notcve.org/view.php?id=CVE-2025-1215
12 Feb 2025 — A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. • https://github.com/vim/vim/commit/c5654b84480822817bb7b69ebc97c174c91185e9 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •