VDB

DEBIAN-CVE-2026-28422

DEBIAN-CVE-2026-28422 PUBLISHED CVSS 2.200000047683716 LOW

Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in `build_stl_str_hl()` when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue.

Risk Scores

CVSS 3.1
2.200000047683716
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N

Affected Products

VendorProductVersions
Debian:11vim9.1.0496-1, 9.1.0377-1, 9.1.0374-1
Debian:12vim9.2.0119-1, 0, 2:9.0.1378-2+deb12u1
Debian:13vim2:9.1.1230-2, 9.1.1766-1, 9.1.1385-1
Debian:14vim9.1.2141-1, 9.1.2103-1, 9.1.1882-1

Exploit Intelligence

Timeline

  • Feb 27, 2026 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›