vim 产品漏洞列表 / CVE 中文分析 54

vim 产品相关 54 条漏洞，AI 中文标题与摘要、CVSS、POC 一站汇总。

本页面汇集 Vim 编辑器相关的安全漏洞信息，聚焦于内存破坏、权限提升及代码执行等高危类型。收录内容涵盖从早期版本至近期的公开漏洞，旨在提供全面的历史安全数据视图。通过浏览此聚合页，用户可以快速追踪 Vim 官方发布的安全补丁公告，深入分析特定弱点（如缓冲区溢出）的技术细节，并检索该产品的历史漏洞记录以评估当前版本的风险状况，为系统加固和版本升级提供可靠参考依据。

ベンダー: unspecified

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2026-52860	Vim: Arbitrary Code Execution via Python Omni-Completion CWE-94	-	-	2026-06-11
CVE-2026-52859	Vim: Out-of-bounds Read in Terminal Screen Snapshot CWE-125	-	-	2026-06-11
CVE-2026-52858	Vim: Arbitrary Code Execution via Python Omni-Completion CWE-94	-	-	2026-06-11
CVE-2026-47162	Vim: Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name CWE-74	-	-	2026-06-11
CVE-2026-47167	Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex CWE-94	-	-	2026-06-11
CVE-2026-46483	Vim: Command injection in tar#Vimuntar via missing shellescape {special} flag CWE-78	3.6	Low	2026-05-15
CVE-2026-45130	Vim: Heap Buffer Overflow in spell file loading CWE-122	6.6	Medium	2026-05-08
CVE-2026-44656	Vim: OS Command Injection via 'path' completion CWE-78	7.8^AI	High^AI	2026-05-08
CVE-2026-42307	Vim: OS Command Injection in netrw CWE-78	4.4	Medium	2026-05-08
CVE-2026-41411	Vim: Command injection via backtick expansion in tag filenames CWE-78	6.6	Medium	2026-04-24
CVE-2026-39881	Vim Ex command injection in Vims NetBeans integration CWE-94	5.0	Medium	2026-04-08
CVE-2026-35177	Path traversal issue with zip.vim in Vim CWE-22	4.1	Medium	2026-04-06
CVE-2026-34982	Vim modeline bypass via various options affects Vim < 9.2.0276 CWE-78	8.2	High	2026-04-06
CVE-2026-34714	Vim 操作系统命令注入漏洞 CWE-78	9.2	Critical	2026-03-30
CVE-2026-33412	Vim affected by Command injection via newline in glob() CWE-78	5.6	Medium	2026-03-24
CVE-2026-32249	NFA regex engine NULL pointer dereference affects Vim < 9.2.0137 CWE-476	5.3	Medium	2026-03-12
CVE-2026-28422	Vim has stack-buffer-overflow in build_stl_str_hl() CWE-121	2.2	Low	2026-02-27
CVE-2026-28421	Vim has a heap-buffer-overflow and a segmentation fault CWE-20	5.3	Medium	2026-02-27
CVE-2026-28420	Vim has Heap-based Buffer Overflow and OOB Read in :terminal CWE-122	4.4	Medium	2026-02-27
CVE-2026-28419	Vim has Heap-based Buffer Underflow in Emacs tags parsing CWE-124	5.3	Medium	2026-02-27
CVE-2026-28418	Vim has Heap-based Buffer Overflow in Emacs tags parsing CWE-122	4.4	Medium	2026-02-27
CVE-2026-28417	Vim has OS Command Injection in netrw CWE-86	4.4	Medium	2026-02-27
CVE-2026-26269	Vim has a Netbeans specialKeys Stack Buffer Overflow CWE-121	5.4	Medium	2026-02-13
CVE-2026-25749	Heap Overflow in Vim CWE-122	6.6	Medium	2026-02-06
CVE-2025-66476	Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability CWE-427	7.8	High	2025-12-02
CVE-2025-9390	vim xxd xxd.c main buffer overflow CWE-120	5.3	Medium	2025-08-24
CVE-2025-9389	vim memmove-vec-unaligned-erms.S __memmove_avx_unaligned_erms memory corruption CWE-119	3.3	Low	2025-08-24
CVE-2025-55157	Vim heap use-after-free vulnerability when processing recursive tuple data types CWE-416	8.8^AI	High^AI	2025-08-11
CVE-2025-55158	Vim double-free vulnerability during Vim9 script import operations CWE-415	7.8^AI	High^AI	2025-08-11
CVE-2025-53906	Vim has path traversal issue with zip.vim and special crafted zip archives CWE-22	4.1	Medium	2025-07-15

vim 产品累计公开 54 条 CVE 漏洞，本页提供按时间倒序的完整列表，包含 CVSS、CWE、AI 中文摘要与可获取的 POC 链接。

目標達成 すべての支援者に感謝 — 100%達成しました！

vim 产品漏洞列表 / CVE 中文分析 54

目標達成すべての支援者に感謝 — 100%達成しました！