wid-sec-w-2026-0556
·
Published 2026-03-01
·
View on BSI CERT-Bund ↗
vim: Multiple Vulnerabilities
CVSS 5.3
MEDIUM
Risk Summary
Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue.
Affected Vendors
Fedora
Open Source
Oracle
RESF
Red Hat
SUSE
Ubuntu
Affected Products (12)
Open Source
·
vim
<9.2.0073
Open Source
·
vim
9.2.0073
Open Source
·
vim
<9.2.0074
Open Source
·
vim
9.2.0074
Open Source
·
vim
<9.2.0075
Open Source
·
vim
9.2.0075
Open Source
·
vim
<9.2.0076
Open Source
·
vim
9.2.0076
Open Source
·
vim
<9.2.0077
Open Source
·
vim
9.2.0077
Open Source
·
vim
<9.2.0078
Open Source
·
vim
9.2.0078
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more