A heap buffer overflow vulnerability was found in Vim’s inc() function of misc2.c. This issue occurs because Vim reads beyond the end of the line with a put command. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering an out-of-bounds read that causes a crash in the CLI tool.
Untrusted vim scripts with -s [scriptin] are not recommended to run.