Lucene search
K

468 matches found

OSV
OSV
added 4 days ago4 views

OESA-2026-2862 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

8.4CVSS6.2AI score0.00154EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.3 views

Vim < 9.2.0662 Stack Out-of-Bounds Write (GHSA-qm9w-fmpj-879h)

The version of Vim installed on the remote host is prior to 9.2.0662. It is, therefore, affected by a vulnerability. - The dumpprefixes function in src/spell.c walks a spell-file prefix trie iteratively with a depth counter while dumping the prefixes that apply to a word. The counter is bounded...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.9 views

Vim < 9.2.0653 Stack Out-of-Bounds Write (GHSA-wgh4-64f7-q3jq)

The version of Vim installed on the remote host is prior to 9.2.0653. It is, therefore, affected by a vulnerability. - The treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded onl...

8.4CVSS6.1AI score0.00126EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/07/01 2:8 p.m.6 views

CVE-2026-57455

A memory corruption flaw in Vim allows an attacker to cause a Denial of Service DoS. When a SOFO-based spell language is active, providing an excessively long word to the spell checker triggers a stack out-of-bounds write in the spellsoundfoldsofo function, causing the editor to crash. Mitigation...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-57455

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spellsoundfoldsofo in src/spell.c translates a word through a spel...

7.8CVSS6AI score0.0012EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/29 2:41 p.m.7 views

CVE-2026-55892

A flaw was found in Vim, an open-source command-line text editor. A remote attacker could exploit this vulnerability by convincing a user to load a specially crafted spell file. This malicious file can trigger a stack out-of-bounds write, which corrupts the editor's memory and causes it to crash...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References6
NVD
NVD
added 2026/06/25 4:16 p.m.8 views

CVE-2026-55693

Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...

8.4CVSS0.00126EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 3:34 p.m.30 views

CVE-2026-55693

Vim prior to 9.2.0653 is affected by a stack-out-of-bounds write in tree_count_words() (src/spellfile.c) when loading crafted .spl/.sug files for spell suggestions. The depth counter can exceed the fixed MAXWLEN-element stacks (arridx[], curi[], wordcount[]), causing writes past array bounds, cor...

8.4CVSS5.8AI score0.00126EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:34 p.m.5 views

CVE-2026-55693

Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...

8.4CVSS5.8AI score0.00126EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/25 3:34 p.m.43 views

CVE-2026-55693 Vim: Out-of-bounds Write in Spell File Word Count

Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...

8.4CVSS0.00126EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/25 3:34 p.m.7 views

CVE-2026-55693

Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...

8.4CVSS5.8AI score0.00126EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:32 p.m.5 views

CVE-2026-55892

Vim is an open source, command line text editor. Prior to 9.2.0662, the dumpprefixes function in src/spell.c walks a spell-file prefix trie iteratively with a depth counter while dumping the prefixes that apply to a word. The counter is bounded only by the trie structure itself; it is never check...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/25 3:32 p.m.22 views

CVE-2026-55892

Vim vulnerability CVE-2026-55892 affects Vim prior to 9.2.0662. The dump_prefixes() function in src/spell.c walks a spell-file prefix trie with a depth counter and indexes fixed MAXWLEN-element arrays (prefix[], arridx[], curi[]). The depth bound is the trie itself, not the array size, allowing a...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/25 3:32 p.m.41 views

CVE-2026-55892 Vim: Out-of-bounds Write in Spell File Prefix Dump

Vim is an open source, command line text editor. Prior to 9.2.0662, the dumpprefixes function in src/spell.c walks a spell-file prefix trie iteratively with a depth counter while dumping the prefixes that apply to a word. The counter is bounded only by the trie structure itself; it is never check...

5.5CVSS0.00122EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/25 3:32 p.m.6 views

CVE-2026-55892

Vim is an open source, command line text editor. Prior to 9.2.0662, the dumpprefixes function in src/spell.c walks a spell-file prefix trie iteratively with a depth counter while dumping the prefixes that apply to a word. The counter is bounded only by the trie structure itself; it is never check...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:22 p.m.7 views

CVE-2026-57455

Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spellsoundfoldsofo in src/spell.c translates a word through a spell file's SOFO sound-folding byte map into a caller-owned result buffer. Its copy loop advances the output index ri with no upper bound an...

7.1CVSS6.1AI score0.0012EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/25 3:22 p.m.19 views

CVE-2026-57455

Vim (open source editor) prior to version 9.2.0698 is affected by a stack out-of-bounds write in spell_soundfold_sofo() (src/spell.c). The single-byte branch translates a word through a SOFO byte map into a caller-owned result buffer; the copy loop advances the output index with no upper bound an...

7.8CVSS6.1AI score0.0012EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/25 3:22 p.m.42 views

CVE-2026-57455 Vim: Stack out-of-bounds write in `spell_soundfold_sofo()` via an over-length `soundfold()` argument

Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spellsoundfoldsofo in src/spell.c translates a word through a spell file's SOFO sound-folding byte map into a caller-owned result buffer. Its copy loop advances the output index ri with no upper bound an...

7.1CVSS0.0012EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52472

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0653 Description The tree count words function in src/spellfile.c fails to validate a depth counter against the size of fixed MAXWLEN-element stack arrays, specifically arridx, curi, and wordcount. A specially crafted...

8.4CVSS5.7AI score0.00126EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52480

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0698 Description A stack out-of-bounds write occurs in the single-byte branch of the spell soundfold sofo function within src/spell.c. When a SOFO-based spell language is active, the copy loop translates a word using ...

7.8CVSS5.9AI score0.0012EPSS
Exploits0References18
Rows per page
Query Builder