Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-57454— Vim: Out-of-bounds Read with Text Properties

AI Predicted 5.5 Difficulty: Moderate EPSS 0.12% · P2

Possible ATT&CK Techniques 1AI

T1203 · Exploitation for Client Execution

Affected Version Matrix 1

VendorProductVersion RangeStatus
vimvim>= 9.2.0320, < 9.2.0679affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-57454

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Vim: Out-of-bounds Read with Text Properties
Source: NVD (National Vulnerability Database)
Vulnerability Description
Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads the virtual text without bounds checking, causing an out-of-bounds read that can crash Vim or disclose adjacent heap memory. This vulnerability is fixed in 9.2.0679.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨界内存读
Source: NVD (National Vulnerability Database)
Vulnerability Title
Vim 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Vim是Vim组织开源的一款跨平台的文本编辑器。 Vim 9.2.0320版本至9.2.0679之前版本存在缓冲区错误漏洞,该漏洞源于在处理特制的撤销或交换文件时,虚拟文本属性的偏移和长度指针指向行属性数据之外,恢复或显示此类行时未进行边界检查而导致越界读取,可能导致Vim崩溃或泄露相邻堆内存。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
vimvim >= 9.2.0320, < 9.2.0679 -

II. Public POCs for CVE-2026-57454

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-57454

登录查看更多情报信息。

Patches & Fixes for CVE-2026-57454 (1)

Vendor Advisories for CVE-2026-57454 (1)

Other References for CVE-2026-57454 (1)

Same Patch Batch · vim · 2026-06-25 · 9 CVEs total

CVE-2026-574536.5 MEDIUMVim: PowerShell Command Injection via Unescaped Filename in zip.vim Extraction
CVE-2026-574525.5 MEDIUMVim: Out-of-bounds Read with libsodium-encrypted Files
CVE-2026-558925.5 MEDIUMVim: Out-of-bounds Write in Spell File Prefix Dump
CVE-2026-574515.3 MEDIUMVim: Out-of-bounds Read in Text Property Count
CVE-2026-57456Vim: Arbitrary Code Execution via Python Omni-Completion Docstrings
CVE-2026-57455Vim: Stack out-of-bounds write in `spell_soundfold_sofo()` via an over-length `soundfold()
CVE-2026-55895Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename
CVE-2026-55693Vim: Out-of-bounds Write in Spell File Word Count

IV. Related Vulnerabilities

V. Comments for CVE-2026-57454

No comments yet


Leave a comment