CVE-2025-55158 — Double Free in VIM

CWE-415 — Double Free4 documents4 sources

Severity

6.9MEDIUMNVD

EPSS

0.0%

top 84.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

VIM Debian VIM

Timeline

PublishedAug 11

Description

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user ex…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages3 packages

▶NVDvim/vim9.1.1231 — 9.1.1406

▶CVEListV5vim/vim>= 9.1.1231, < 9.1.1406

▶debiandebian/vim

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

CVE-2025-55158: Vim is an open source, command line text editor↗2025-08-11

▶

📋Vendor Advisories

Red Hat

vim: Vim double-free vulnerability during Vim9 script import operations↗2025-08-11

▶

Debian

CVE-2025-55158: vim - Vim is an open source, command line text editor. In versions from 9.1.1231 to be...↗2025

▶