CVE-2026-55693— Vim 拼写文件单词计数越界写入漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2026-55693の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Vim: Out-of-bounds Write in Spell File Word Count
ソース: NVD (National Vulnerability Database)
脆弱性説明
Vim is an open source, command line text editor. Prior to 9.2.0653, the tree_count_words() function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked against the size of the fixed MAXWLEN-element stack arrays it indexes (arridx[], curi[], wordcount[]). A crafted .spl/.sug file pair, loaded when the user invokes spell suggestion, can drive the descent arbitrarily deep, so the function writes past the end of those arrays. This is a stack out-of-bounds write that corrupts the call frame and crashes the editor. This vulnerability is fixed in 9.2.0653.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
跨界内存写
ソース: NVD (National Vulnerability Database)
影響を受ける製品
II. CVE-2026-55693の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2026-55693のインテリジェンス情報
请登录查看更多情报信息。
CVE-2026-55693 其他参考 (3)
- 🔗 Release v9.2.0653 · vim/vim · GitHubx_refsource_MISC
Same Patch Batch · vim · 2026-06-25 · 9 CVEs total
| CVE-2026-57453 | 6.5 MEDIUM | Vim: PowerShell Command Injection via Unescaped Filename in zip.vim Extraction |
| CVE-2026-57452 | 5.5 MEDIUM | Vim: Out-of-bounds Read with libsodium-encrypted Files |
| CVE-2026-55892 | 5.5 MEDIUM | Vim: Out-of-bounds Write in Spell File Prefix Dump |
| CVE-2026-57451 | 5.3 MEDIUM | Vim: Out-of-bounds Read in Text Property Count |
| CVE-2026-57456 | Vim: Arbitrary Code Execution via Python Omni-Completion Docstrings | |
| CVE-2026-57455 | Vim: Stack out-of-bounds write in `spell_soundfold_sofo()` via an over-length `soundfold() | |
| CVE-2026-57454 | Vim: Out-of-bounds Read with Text Properties | |
| CVE-2026-55895 | Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename |
IV. 関連脆弱性
同じ製品: vim
- CVE-2026-55892
Vim: Out-of-bounds Write in Spell File Prefix Dump - CVE-2026-55895
Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() vi - CVE-2026-57451
Vim: Out-of-bounds Read in Text Property Count - CVE-2026-57452
Vim: Out-of-bounds Read with libsodium-encrypted Files - CVE-2026-57453
Vim: PowerShell Command Injection via Unescaped Filename in
同じベンダー: vim
- CVE-2026-55892
Vim: Out-of-bounds Write in Spell File Prefix Dump - CVE-2026-55895
Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() vi - CVE-2026-57451
Vim: Out-of-bounds Read in Text Property Count - CVE-2026-57452
Vim: Out-of-bounds Read with libsodium-encrypted Files - CVE-2026-57453
Vim: PowerShell Command Injection via Unescaped Filename in
同じ弱点: CWE-787
- CVE-2026-57876
GV-LPC2011/LPC2211 - unauthorized out-of-bounds writing vuln - CVE-2026-6325
Out-of-bounds write in SetSuitesHashSigAlgo on oversized sig - CVE-2026-6679
DTLS 1.3 ACK serialization heap buffer overflow via integer - CVE-2026-6681
PKCS#7 decode ignores caller output buffer size, writing pas - CVE-2026-55958
Renesas TSIP TLS 1.3 transcript buffer out-of-bounds write i
V. CVE-2026-55693へのコメント
まだコメントはありません