CVE-2026-28419 — Buffer Underflow in VIM

CWE-124 — Buffer Underflow CWE-125 — Out-of-bounds Read9 documents8 sources

Severity

6.6MEDIUMNVD

EPSS

0.0%

top 99.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

VIM Debian VIM Msrc Azl3 VIM 9.1.1616-1 ON Azure Linux 3.0 +1 more

Timeline

PublishedFeb 27

Latest updateMar 16

Description

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding the allocated buffer. Version 9.2.0075 fixes the issue.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:HExploitability: 1.8 | Impact: 4.7

Affected Packages6 packages

▶NVDvim/vim< 9.2.0075

▶debiandebian/vim< vim 2:9.2.0119-1 (forky)

▶Debianvim/vim< 2:9.2.0119-1

▶Ubuntuvim/vim< 2:8.2.3995-1ubuntu2.26+6

▶msrcmsrc/azl3_vim_9.1.1616-1_on_azure_linux_3.0

Patches

Patch: github.com ↗Patch: github.com ↗Patch: www.openwall.com ↗

🔴Vulnerability Details

OSV

vim vulnerabilities↗2026-03-16

▶

OSV

CVE-2026-28419: Vim is an open source, command line text editor↗2026-02-27

▶

📋Vendor Advisories

Ubuntu

Vim vulnerabilities↗2026-03-16

▶

Red Hat

vim: Vim: Information disclosure and denial of service via malformed tags file↗2026-02-27

▶

Microsoft

Vim has Heap-based Buffer Underflow in Emacs tags parsing↗2026-02-10

▶

Debian

CVE-2026-28419: vim - Vim is an open source, command line text editor. Prior to version 9.2.0075, a he...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-28419 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

💬Community

Bugzilla

CVE-2026-28419 vim: Vim: Information disclosure and denial of service via malformed tags file↗2026-02-27

▶