Heap Buffer Overflow Vulnerability in Vim Text Editor
CVE-2026-45130

6.6MEDIUM

Key Information:

Vendor

Vim

Status
Vim
Vendor
CVE Published:
8 May 2026

What is CVE-2026-45130?

Vim is an open-source command line text editor that is susceptible to a heap buffer overflow vulnerability prior to version 9.2.0450. This vulnerability arises in the read_compound() function of src/spellfile.c when handling specially crafted spell files (.spl) with UTF-8 encoding enabled. An attacker can exploit this weakness through a manipulated length field in the compound section of a spell file, which overflows a 32-bit signed integer multiplication. This overflow leads to an inadequate buffer allocation during a write loop, eventually compromising the heap. Given that the 'spelllang' option can be influenced by a modeline in text files, a maliciously crafted .spl file can be triggered from a modeline if it is placed on the runtime path. Update to version 9.2.0450 or later to mitigate this issue.

Affected Version(s)

vim < 9.2.0450

References

https://github.com/vim/vim/security/advisories/GHSA-q4jv-...
x_refsource_CONFIRM
https://github.com/vim/vim/commit/92993329178cb1f72d700ff...
x_refsource_MISC
https://github.com/vim/vim/releases/tag/v9.2.0450
x_refsource_MISC

CVSS V3.1

Score:
6.6
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.