CVE-2026-57452

Description

Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (xchacha20poly1305, requires the +sodium feature) whose body is shorter than a single libsodium secretstream header, an unsigned length calculation underflows and a subsequent decryption call reads far past the end of the input buffer, crashing Vim. This vulnerability is fixed in 9.2.0671.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected products

vim / vim< 9.2.0671 – < 9.2.0671

References

VENDOR_ADVISORYhttps://github.com/vim/vim/security/advisories/GHSA-c4j9-wr9j-4486
PATCHhttps://github.com/vim/vim/commit/c8777cec25dcfae89c42e9aff51af61f71c5745f
PATCHhttps://github.com/vim/vim/releases/tag/v9.2.0671