CVE-2026-25749

🗓️ 08 Feb 2026 01:22:07Reported by redhat.comType

redhatcve

redhatcve🔗 access.redhat.com👁 3 Views

Vim before 9.1.2132 has a heap overflow in tag file resolution via the helpfile option.

Reporter	Title	Published	Views	Family All 154
ATTACKERKB	CVE-2026-25749	6 Feb 202622:43	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2026-1584)	13 Apr 202600:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0057: vim (ALINUX3-SA-2026:0057)	24 Mar 202600:00	–	nessus
Tenable Nessus	AlmaLinux 8 : vim (ALSA-2026:4442)	13 Mar 202600:00	–	nessus
Tenable Nessus	AlmaLinux 10 : vim (ALSA-2026:4715)	20 Mar 202600:00	–	nessus
Tenable Nessus	AlmaLinux 9 : vim (ALSA-2026:5602)	26 Mar 202600:00	–	nessus
Tenable Nessus	CentOS 9 : vim-8.2.2637-25.el9	16 Feb 202600:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2026-2039)	6 Jun 202600:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2026-2066)	6 Jun 202600:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.12.1 : vim (EulerOS-SA-2026-2091)	6 Jun 202600:00	–	nessus

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-25749
github	www.github.com/vim/vim/commit/0714b15940b245108e6e9d7aa2260dd849a26fa9
github	www.github.com/vim/vim/releases/tag/v9.1.2132
github	www.github.com/vim/vim/security/advisories/GHSA-5w93-4g67-mm43
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

12 Mar 2026 13:30Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.16.6 - 7.3

EPSS0.00006

SSVC

CVE-2026-25749 heap overflow tag file resolution helpfile option get_tagfname unsafe strcpy