CVE-2025-1215

CVSS 2.0 Score 1.7 of 10 (low)

Details

Published Feb 12, 2025

CWE ID 119

Summary

CVE-2025-1215 is a newly identified vulnerability in vim versions up to 9.1.1096. This issue lies within the unknown code of the file src/main.c and is triggered by manipulating the --log argument. The consequence is memory corruption, enabling an attacker to exploit this vulnerability on a local host. Upgrading to vim version 9.1.1097 is advised to mitigate this problem. The patch to fix this issue is identified as c5654b84480822817bb7b69ebc97c147c91185e9. It is essential to update the affected component as soon as possible to protect against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Affected Vendors

Aviakom VIM AVIA

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3PKrcw
https://www.cve.org/CVERecord?id=CVE-2025-1215
https://nvd.nist.gov/vuln/detail/CVE-2025-1215

Back to Vulnerability Database