CVE-2026-57454

Source
https://cve.org/CVERecord?id=CVE-2026-57454
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-57454.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-57454
Aliases
  • GHSA-ww8h-47xp-hp4w
Downstream
Published
2026-06-25T15:24:54.196Z
Modified
2026-07-08T08:13:52.353000237Z
Severity
  • 6.8 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
Vim: Out-of-bounds Read with Text Properties
Details

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads the virtual text without bounds checking, causing an out-of-bounds read that can crash Vim or disclose adjacent heap memory. This vulnerability is fixed in 9.2.0679.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/57xxx/CVE-2026-57454.json",
    "cwe_ids": [
        "CWE-125"
    ],
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/vim/vim

Affected ranges

Type
GIT
Repo
https://github.com/vim/vim
Events
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE",
        "REFERENCES"
    ],
    "cpe": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "9.2.0320"
        },
        {
            "fixed": "9.2.0679"
        }
    ]
}

Affected versions

v9.*
v9.2.0320
v9.2.0321
v9.2.0322
v9.2.0323
v9.2.0324
v9.2.0325
v9.2.0326
v9.2.0327
v9.2.0328
v9.2.0329
v9.2.0330
v9.2.0331
v9.2.0332
v9.2.0333
v9.2.0334
v9.2.0335
v9.2.0336
v9.2.0337
v9.2.0338
v9.2.0339
v9.2.0340
v9.2.0341
v9.2.0342
v9.2.0343
v9.2.0344
v9.2.0345
v9.2.0346
v9.2.0347
v9.2.0348
v9.2.0349
v9.2.0350
v9.2.0351
v9.2.0352
v9.2.0353
v9.2.0354
v9.2.0355
v9.2.0356
v9.2.0357
v9.2.0358
v9.2.0359
v9.2.0360
v9.2.0361
v9.2.0362
v9.2.0363
v9.2.0364
v9.2.0365
v9.2.0366
v9.2.0367
v9.2.0368
v9.2.0369
v9.2.0370
v9.2.0371
v9.2.0372
v9.2.0373
v9.2.0374
v9.2.0375
v9.2.0376
v9.2.0377
v9.2.0378
v9.2.0379
v9.2.0380
v9.2.0381
v9.2.0382
v9.2.0383
v9.2.0384
v9.2.0385
v9.2.0386
v9.2.0387
v9.2.0388
v9.2.0389
v9.2.0390
v9.2.0391
v9.2.0392
v9.2.0393
v9.2.0394
v9.2.0395
v9.2.0396
v9.2.0397
v9.2.0398
v9.2.0399
v9.2.0400
v9.2.0401
v9.2.0402
v9.2.0403
v9.2.0404
v9.2.0405
v9.2.0406
v9.2.0407
v9.2.0408
v9.2.0409
v9.2.0410
v9.2.0411
v9.2.0412
v9.2.0413
v9.2.0414
v9.2.0415
v9.2.0416
v9.2.0417
v9.2.0418
v9.2.0419
v9.2.0420
v9.2.0421
v9.2.0422
v9.2.0423
v9.2.0424
v9.2.0425
v9.2.0426
v9.2.0427
v9.2.0428
v9.2.0429
v9.2.0430
v9.2.0431
v9.2.0432
v9.2.0433
v9.2.0434
v9.2.0435
v9.2.0436
v9.2.0437
v9.2.0438
v9.2.0439
v9.2.0440
v9.2.0441
v9.2.0442
v9.2.0443
v9.2.0444
v9.2.0445
v9.2.0446
v9.2.0447
v9.2.0448
v9.2.0449
v9.2.0450
v9.2.0451
v9.2.0452
v9.2.0453
v9.2.0454
v9.2.0455
v9.2.0456
v9.2.0457
v9.2.0458
v9.2.0459
v9.2.0460
v9.2.0461
v9.2.0462
v9.2.0463
v9.2.0464
v9.2.0465
v9.2.0466
v9.2.0467
v9.2.0468
v9.2.0469
v9.2.0470
v9.2.0471
v9.2.0472
v9.2.0473
v9.2.0474
v9.2.0475
v9.2.0476
v9.2.0477
v9.2.0478
v9.2.0479
v9.2.0480
v9.2.0481
v9.2.0482
v9.2.0483
v9.2.0484
v9.2.0485
v9.2.0486
v9.2.0487
v9.2.0488
v9.2.0489
v9.2.0490
v9.2.0491
v9.2.0492
v9.2.0493
v9.2.0494
v9.2.0495
v9.2.0496
v9.2.0497
v9.2.0498
v9.2.0499
v9.2.0500
v9.2.0501
v9.2.0502
v9.2.0503
v9.2.0504
v9.2.0505
v9.2.0506
v9.2.0507
v9.2.0508
v9.2.0509
v9.2.0510
v9.2.0511
v9.2.0512
v9.2.0513
v9.2.0514
v9.2.0515
v9.2.0516
v9.2.0517
v9.2.0518
v9.2.0519
v9.2.0520
v9.2.0521
v9.2.0522
v9.2.0523
v9.2.0524
v9.2.0525
v9.2.0526
v9.2.0527
v9.2.0528
v9.2.0529
v9.2.0530
v9.2.0531
v9.2.0532
v9.2.0533
v9.2.0534
v9.2.0535
v9.2.0536
v9.2.0537
v9.2.0538
v9.2.0539
v9.2.0540
v9.2.0541
v9.2.0542
v9.2.0543
v9.2.0544
v9.2.0545
v9.2.0546
v9.2.0547
v9.2.0548
v9.2.0549
v9.2.0550
v9.2.0551
v9.2.0552
v9.2.0553
v9.2.0554
v9.2.0555
v9.2.0556
v9.2.0557
v9.2.0558
v9.2.0559
v9.2.0560
v9.2.0561
v9.2.0562
v9.2.0563
v9.2.0564
v9.2.0565
v9.2.0566
v9.2.0567
v9.2.0568
v9.2.0569
v9.2.0570
v9.2.0571
v9.2.0572
v9.2.0573
v9.2.0574
v9.2.0575
v9.2.0576
v9.2.0577
v9.2.0578
v9.2.0579
v9.2.0580
v9.2.0581
v9.2.0582
v9.2.0583
v9.2.0584
v9.2.0585
v9.2.0586
v9.2.0587
v9.2.0588
v9.2.0589
v9.2.0590
v9.2.0591
v9.2.0592
v9.2.0593
v9.2.0594
v9.2.0595
v9.2.0596
v9.2.0597
v9.2.0598
v9.2.0599
v9.2.0600
v9.2.0601
v9.2.0602
v9.2.0603
v9.2.0604
v9.2.0605
v9.2.0606
v9.2.0607
v9.2.0608
v9.2.0609
v9.2.0610
v9.2.0611
v9.2.0612
v9.2.0613
v9.2.0614
v9.2.0615
v9.2.0616
v9.2.0617
v9.2.0618
v9.2.0619
v9.2.0620
v9.2.0621
v9.2.0622
v9.2.0623
v9.2.0624
v9.2.0625
v9.2.0626
v9.2.0627
v9.2.0628
v9.2.0629
v9.2.0630
v9.2.0631
v9.2.0632
v9.2.0633
v9.2.0634
v9.2.0635
v9.2.0636
v9.2.0637
v9.2.0638
v9.2.0639
v9.2.0640
v9.2.0641
v9.2.0642
v9.2.0643
v9.2.0644
v9.2.0645
v9.2.0646
v9.2.0647
v9.2.0648
v9.2.0649
v9.2.0650
v9.2.0651
v9.2.0652
v9.2.0653
v9.2.0654
v9.2.0655
v9.2.0656
v9.2.0657
v9.2.0658
v9.2.0659
v9.2.0660
v9.2.0661
v9.2.0662
v9.2.0663
v9.2.0664
v9.2.0665
v9.2.0666
v9.2.0667
v9.2.0668
v9.2.0669
v9.2.0670
v9.2.0671
v9.2.0672
v9.2.0673
v9.2.0674
v9.2.0675
v9.2.0676
v9.2.0677
v9.2.0678

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-57454.json"