Stack Out-of-Bounds Write in Vim Text Editor Affects Multiple Versions
CVE-2026-55892

5.5MEDIUM

Key Information:

Vendor

Vim

Status
Vim
Vendor
CVE Published:
25 June 2026

What is CVE-2026-55892?

A vulnerability in the Vim text editor prior to version 9.2.0662 allows for a stack out-of-bounds write through the dump_prefixes() function when processing crafted .spl files. The function traverses a prefix trie without adequately monitoring the maximum stack size, leading to potential corruption of the call frame, and causing the application to crash. This issue can be exploited when dumping a word list, emphasizing the critical need for users to update to the patched version 9.2.0662 to ensure their systems remain secure.

Affected Version(s)

vim < 9.2.0662

References

https://github.com/vim/vim/security/advisories/GHSA-qm9w-...
x_refsource_CONFIRM
https://github.com/vim/vim/commit/8325b193bba5f01e7a7d8241f
x_refsource_MISC
https://github.com/vim/vim/releases/tag/v9.2.0662
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.