CVE-2026-28418 — Heap-based Buffer Overflow in VIM

CWE-122 — Heap-based Buffer Overflow CWE-125 — Out-of-bounds Read9 documents8 sources

Severity

5.5MEDIUMNVD

OSV6.6

EPSS

0.0%

top 99.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

VIM Debian VIM Msrc Azl3 VIM 9.1.1616-1 ON Azure Linux 3.0 +1 more

Timeline

PublishedFeb 27

Latest updateMar 16

Description

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundary. Version 9.2.0074 fixes the issue.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

▶NVDvim/vim< 9.2.0074

▶debiandebian/vim< vim 2:9.2.0119-1 (forky)

▶Debianvim/vim< 2:9.2.0119-1

▶Ubuntuvim/vim< 2:8.2.3995-1ubuntu2.26+6

▶msrcmsrc/azl3_vim_9.1.1616-1_on_azure_linux_3.0

Patches

Patch: github.com ↗Patch: github.com ↗Patch: www.openwall.com ↗

🔴Vulnerability Details

OSV

vim vulnerabilities↗2026-03-16

▶

OSV

CVE-2026-28418: Vim is an open source, command line text editor↗2026-02-27

▶

📋Vendor Advisories

Ubuntu

Vim vulnerabilities↗2026-03-16

▶

Red Hat

vim: Vim: Information disclosure via heap-based buffer overflow in Emacs-style tags file parsing↗2026-02-27

▶

Microsoft

Vim has Heap-based Buffer Overflow in Emacs tags parsing↗2026-02-10

▶

Debian

CVE-2026-28418: vim - Vim is an open source, command line text editor. Prior to version 9.2.0074, a he...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-28418 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

💬Community

Bugzilla

CVE-2026-28418 vim: Vim: Information disclosure via heap-based buffer overflow in Emacs-style tags file parsing↗2026-02-27

▶