A heap-based buffer overflow flaw was found in Vim’s skipwhite() function of the charset.c file. This issue occurs when reading data past the end of the line when compiling a function with errors. This could allows an attacker to trick a user into opening a specially crafted file, triggering an out-of-bounds read that causes an application to crash, leading to a denial of service.
Untrusted vim scripts with -s [scriptin] are not recommended to run.