CVE-2026-28422
Description
Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in build_stl_str_hl() when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue.
Risk Information
Base Score
2.2
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.005
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2026-28422 are affected in Vim 9.2.77 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234