CVE-2026-28422

ADVISORY - nist

Summary

Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in build_stl_str_hl() when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue.

EPSS Score⁠: 0.00005 (0.003)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-121⁠

Stack-based Buffer Overflow

ADVISORY - redhat

CWE-135⁠

Incorrect Calculation of Multi-Byte String Length

Impacted images

Advisories

NIST

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDCVE-2026-28422⁠

EXPLOITABILITY SCORE

0.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-121⁠

CVSS SCORE

2.2low

Alpine

CREATED

3 months ago

UPDATED

8 days ago

ADVISORY IDCVE-2026-28422⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

3 months ago

UPDATED

1 month ago

ADVISORY IDCVE-2026-28422⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDCVE-2026-28422⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDALAS2023-2026-1539⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDCVE-2026-28422⁠

EXPLOITABILITY SCORE

0.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-135⁠

CVSS SCORE

2.2low

Photon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

CVE-2026-28422

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

2.2low