CNNVD-202602-935 Information

CNNVD ID

CNNVD-202602-935

Related CVE

CVE-2026-25749

• CNNVD Published: 2026-02-06

Description (Chinese)

Vim是Vim开源的一款跨平台的文本编辑器。 Vim 9.1.2132之前版本存在安全漏洞，该漏洞源于处理helpfile选项时存在堆缓冲区溢出，可能导致执行任意代码。

Description (English)

Vim is a cross-platform text editor for Vim Open Source. Vim 9.1.132 had a security loophole, which stemmed from the spilling of a pile of buffers while dealing with the helpfile option, which could lead to the implementation of arbitrary codes.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Vim

Published

2026-02-06

Last Modified

2026-02-24

References

https://github.com/vim/vim/commit/0714b15940b245108e6e9d7aa2260dd849a26fa9 https://github.com/vim/vim/releases/tag/v9.1.2132 https://github.com/vim/vim/security/advisories/GHSA-5w93-4g67-mm43 https://access.redhat.com/security/cve/cve-2026-25749

Patch

https://www.vim.org/download.php