
Vim — Vulnerabilities & Security Advisories (49)

All 49 CVE vulnerabilities found in Vim, with AI-generated Chinese analysis, references, and POCs.

This page documents the Common Vulnerabilities and Exposures associated with the vim text editor, categorized by weakness type. It serves as a centralized repository for security researchers and system administrators seeking to understand the historical and current threat landscape surrounding this widely used command-line tool. The vulnerability aggregation here collects data on memory corruption issues, buffer overflows, integer overflows, and logic errors that have been disclosed within the software. The database covers a comprehensive time range, capturing entries from the earliest tracked vulnerabilities to the most recent patches released by the vendor. This includes both security advisory announcements and independently identified flaws that impact the stability, integrity, or confidentiality of the application. By consolidating these records, the page provides a chronological view of security regression or improvement in the codebase over time. Visitors to this page can discover a detailed timeline of vulnerabilities affecting vim, allowing them to track a vendor's advisories as they are published. Users can understand a weakness class by analyzing how specific flaws, such as heap-based buffer overflows, have been exploited or mitigated in past versions. Additionally, the resource enables you to look up a product's vulnerability history, helping teams assess risk exposure and prioritize patching efforts based on the severity and age of the identified defects. This information is critical for maintaining secure configurations and ensuring that legacy versions of the editor do not remain exposed to known exploits.

Vendor: unspecified

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-24014 | segmentation fault in win_line() in Vim < 9.1.1043 | CWE-787 | 4.2 | Medium | 2025-01-20 |
| CVE-2025-22134 | heap-buffer-overflow with visual mode in Vim < 9.1.1003 | CWE-122 | 4.2 | Medium | 2025-01-13 |
| CVE-2024-47814 | use-after-free when closing buffers in Vim | CWE-416 | 3.9 | Low | 2024-10-07 |
| CVE-2024-45306 | heap-buffer-overflow in Vim | CWE-122 | 4.5 | Medium | 2024-09-02 |
| CVE-2024-43802 | heap-buffer-overflow in ins_typebuf() in Vim < 9.1.0697 | CWE-122 | 4.5 | Medium | 2024-08-26 |
| CVE-2024-43790 | heap-buffer-overflow in do_search() in Vim < 9.1.0689 | CWE-122 | 4.5 | Medium | 2024-08-22 |
| CVE-2024-43374 | Vim heap-use-after-free in src/arglist.c:207 | CWE-416 | 4.5 | Medium | 2024-08-15 |
| CVE-2024-41965 | Vim < v9.1.0648 has a double-free in dialog_changed() | CWE-416 | 4.2 | Medium | 2024-08-01 |
| CVE-2024-41957 | Vim double free in src/alloc.c:616 | CWE-415 | 4.5 | Medium | 2024-08-01 |
| CVE-2023-48706 | Vim has heap-use-after-free at /src/charset.c:1770:12 in skipwhite | CWE-416 | 3.6 | Low | 2023-11-22 |
| CVE-2023-48231 | Use-After-Free in win_close() in vim | CWE-416 | 3.9 | Low | 2023-11-16 |
| CVE-2023-48232 | Floating point Exception in adjust_plines_for_skipcol() in vim | CWE-755 | 3.9 | Low | 2023-11-16 |
| CVE-2023-48233 | overflow with count for :s command in vim | CWE-190 | 2.8 | Low | 2023-11-16 |
| CVE-2023-48234 | overflow in nv_z_get_count in vim | CWE-190 | 2.8 | Low | 2023-11-16 |
| CVE-2023-48235 | overflow in ex address parsing in vim | CWE-190 | 2.8 | Low | 2023-11-16 |
| CVE-2023-48236 | overflow in get_number in vim | CWE-190 | 2.8 | Low | 2023-11-16 |
| CVE-2023-48237 | overflow in shift_line in vim | CWE-190 | 2.8 | Low | 2023-11-16 |
| CVE-2023-46246 | Integer Overflow in :history command in Vim | CWE-416 | 4.0 | Medium | 2023-10-27 |
| CVE-2022-3705 | vim autocmd quickfix.c qf_update_buffer use after free | CWE-119 | 5.0 | Medium | 2022-10-26 |

All 49 known CVE vulnerabilities affecting Vim with full Chinese analysis, references, and POCs where available.