Out-of-bounds Read in Text Property Count in Vim < 9.2.0670

56% confidence

Description

The function `get_text_props()` in Vim reads a property count without validating it against the actual data present, leading to potential out-of-bounds reads and crashes when processing crafted undo files.

Affected Products

Vendor	Product	Versions
vim	—	< 9.2.0670

Related News (1 articles)

Tier C

oss-security19h ago

[vim-security] Out-of-bounds Read in Text Property Count in Vim < 9.2.0670

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available

9.2.0670

CWECWE-125

PublishedJun 17, 2026

Last enriched19h ago

Trending Score22

Source articles1

Independent1

Info Completeness6/14

Missing: cve_id, product, cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-52859EXP

Vim: Out-of-bounds Read in Terminal Screen Snapshot

Trending: 31

MEDIUMCVE-2026-52860EXP

Vim: Arbitrary Code Execution via Python Omni-Completion

Trending: 29

NONECVE-2026-47162EXP

Vim: Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name

Trending: 25

NONECVE-2026-52858EXP

Vim: Arbitrary Code Execution via Python Omni-Completion

Trending: 25

NONECVE-2026-47167

Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex

Trending: 22

Pin to Dashboard

Verification

State: reported

Confidence: 56%

Vulnerability Timeline

CVE Published

Jun 17, 2026

Patch Available

Jun 17, 2026

Discovered by ZDM

Jun 17, 2026