Sign In

CVE-2026-28419

ADVISORY - nist

Summary

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding the allocated buffer. Version 9.2.0075 fixes the issue.

EPSS Score: 0.00005 (0.003)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-124

Buffer Underwrite ('Buffer Underflow')

CWE-125

Out-of-bounds Read

ADVISORY - redhat

CWE-124

Buffer Underwrite ('Buffer Underflow')

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in