Description

Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issue.

INFO

Published Date :

2026-02-27T22:06:34.312Z

Last Modified :

2026-02-28T00:15:36.679Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-28421 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-28421.

URL Resource
https://github.com/vim/vim/commit/65c1a143c331c886dc28 cve-icon cve-icon cve-icon
https://github.com/vim/vim/releases/tag/v9.2.0077 cve-icon cve-icon cve-icon
https://github.com/vim/vim/security/advisories/GHSA-r2gw-2x48-jj5p cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact