CVE-2025-22134

CVSS 3.1 Score 4.2 of 10 (medium)

Details

Published Jan 13, 2025

CWE ID 122

Summary

CVE-2025-22134 is a vulnerability affecting Vim, a popular text editor. This issue occurs when using the :all command in visual mode, causing a heap-buffer overflow. Vim fails to properly end visual mode before accessing other buffers, potentially leading to accessing memory beyond the end of a line. The impact is medium, as users must actively use visual mode when executing the :all command. The Vim team has released patch v9.1.1003, which resets visual mode before opening other windows and buffers, effectively addressing this bug. The team acknowledges gandalf4a for reporting the issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

VIM

Affected Vendors

Aviakom VIM AVIA

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Know What Matters

For Customers

For Partners