
16 matches found

F5 Networks
added 2026/04/16 11:21 p.m. · 6 views

K000160853: Multiple Vim vulnerabilities

Security Advisory Description: CVE-2026-28417: Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL e.g., using the scp:// protocol handler, an...

CVSS 7.8 · AI score 6.5 · EPSS 0.00017 · Exploits 0

Tenable Nessus
added 2026/04/16 12:00 a.m. · 1 view

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: vim (UTSA-2026-007180)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007180 advisory. Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal...

CVSS 4.4 · AI score 6.2 · EPSS 0.00006 · Exploits 0 · References 4

Tenable Nessus
added 2026/03/19 12:00 a.m. · 3 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : Vim vulnerabilities (USN-8101-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8101-1 advisory. Rahul Hoysala discovered that Vim did not correctly handle certain tag resolutions. A...

CVSS 7.8 · AI score 6.4 · EPSS 0.00048 · Exploits 1 · References 9

OSV
added 2026/03/16 10:15 p.m. · 2 views

USN-8101-1 vim vulnerabilities

Rahul Hoysala discovered that Vim did not correctly handle certain tag resolutions. An attacker could possibly use this issue to cause a denial of service. CVE-2026-25749 It was discovered that Vim did not correctly handle processing certain specialKey commands. An attacker could possibly use thi...

CVSS 7.8 · AI score 6.3 · EPSS 0.00048 · Exploits 1 · References 9

Tenable Nessus
added 2026/03/09 12:00 a.m. · 3 views

Vim < 9.2.0076 Heap-based Buffer Overflow and OOB Read (GHSA-rvj2-jrf9-2phg)

The version of Vim installed on the remote host is prior to 9.2.0076. It is, therefore, affected by a vulnerability as referenced in the GHSA-rvj2-jrf9-2phg advisory. - Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an...

CVSS 4.4 · AI score 6.3 · EPSS 0.00006 · Exploits 0 · References 2

Tenable Nessus
added 2026/03/04 12:00 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-28420

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal...

CVSS 4.4 · AI score 6.2 · EPSS 0.00006 · Exploits 0 · References 3

OSV
added 2026/02/27 10:16 p.m. · 4 views

AZL-78503 CVE-2026-28420 affecting package vim 9.1.1616-1

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue...

CVSS 4.4 · AI score 6.3 · EPSS 0.00006 · Exploits 0 · References 1

OSV
added 2026/02/27 10:16 p.m. · 1 view

ALPINE-CVE-2026-28420

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue...

CVSS 4.4 · AI score 6.1 · EPSS 0.00006 · Exploits 0 · References 1

OSV
added 2026/02/27 10:16 p.m. · 2 views

DEBIAN-CVE-2026-28420

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue...

CVSS 4.4 · AI score 5.9 · EPSS 0.00006 · Exploits 0 · References 1

NVD
added 2026/02/27 10:16 p.m. · 3 views

CVE-2026-28420

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue...

CVSS 4.4 · EPSS 0.00006 · Exploits 0 · References 4

OSV
added 2026/02/27 10:16 p.m. · 3 views

UBUNTU-CVE-2026-28420

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue...

CVSS 4.4 · AI score 6.3 · EPSS 0.00006 · Exploits 0 · References 7

Vulnrichment
added 2026/02/27 10:04 p.m. · 2 views

CVE-2026-28420 Vim has Heap-based Buffer Overflow and OOB Read in :terminal

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue...

CVSS 4.4 · AI score 6.1 · EPSS 0.00006 · Exploits 0 · References 3

Positive Technologies
added 2026/02/27 12:00 a.m. · 5 views

PT-2026-22419

Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.2.0076 Description: Vim is an open source, command line text editor. A heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode...

CVSS 7.8 · AI score 6.1 · EPSS 0.00017 · Exploits 0 · References 72

Positive Technologies
added 2024/03/26 12:00 a.m. · 2 views

PT-2024-10599 · Microsoft · Windows 10 +3

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 8 through 11 Description: The issue concerns a temporary client-side performance degradation that occurs when processing multiple Unicode combining characters, also known as a "Zalgo text" attack. This affects the...

AI score 6.8 · EPSS 0.00096 · Exploits 0 · References 7

Vulnrichment
added 2024/03/26 12:00 a.m. · 17 views

CVE-2017-20190

Some Microsoft technologies as used in Windows 8 through 11 allow a temporary client-side performance degradation during processing of multiple Unicode combining characters, aka a "Zalgo text" attack. NOTE: third parties dispute whether the computational cost of interpreting Unicode data should b...

AI score 6.9 · EPSS 0.00096 · Exploits 0 · References 3

CVE
added 2024/03/26 12:00 a.m. · 50 views

CVE-2017-20190

CVE-2017-20190 pertains to Microsoft Windows (Windows 8 through Windows 11) where processing multiple Unicode combining characters can cause temporary client-side performance degradation, a Zalgo text scenario. The core issue is described as a performance degradation during Unicode data processin...

AI score 6.8 · EPSS 0.00096 · Exploits 0 · References 3