{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-16T23:09:49.804","vulnerabilities":[{"cve":{"id":"CVE-2026-28418","sourceIdentifier":"security-advisories@github.com","published":"2026-02-27T22:16:25.003","lastModified":"2026-03-03T17:49:55.213","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundary. Version 9.2.0074 fixes the issue."},{"lang":"es","value":"Vim es un editor de texto de código abierto y de línea de comandos. Antes de la versión 9.2.0074, hay un desbordamiento de búfer basado en montículo con lectura fuera de límites en la lógica de análisis de archivos de etiquetas estilo Emacs de Vim. Al procesar un archivo de etiquetas malformado, Vim puede ser engañado para leer hasta 7 bytes más allá del límite de memoria asignada. La versión 9.2.0074 corrige el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"},{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*","versionEndExcluding":"9.2.0074","matchCriteriaId":"969B50CB-4E2C-4F12-839D-39D4116BDBBC"}]}]}],"references":[{"url":"https://github.com/vim/vim/commit/f6a7f469a9c0d09e84cd6cb","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/vim/vim/releases/tag/v9.2.0074","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/vim/vim/security/advisories/GHSA-h4mf-vg97-hj8j","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/02/27/7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch","Third Party Advisory"]}]}}]}