CVE-2026-57452
Status: Undergoing Analysis - In Progress
Heap Buffer Overflow in Vim Text Editor

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: GitHub, Inc.

Description
Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (xchacha20poly1305, requires the +sodium feature) whose body is shorter than a single libsodium secretstream header, an unsigned length calculation underflows and a subsequent decryption call reads far past the end of the input buffer, crashing Vim. This vulnerability is fixed in 9.2.0671.
Meta Information
Published: 2026-06-25
Last Modified: 2026-06-25
Generated: 2026-06-25
AI Q&A: 2026-06-25
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: vim
Product: vim
Version / Range: up to 9.2.0671 (excluding)
CWE IDs
CWE-191 (Integer Underflow): The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
CWE-125 (Out-of-bounds Read): The product reads data past the end, or before the beginning, of the intended buffer.
Executive Summary

CVE-2026-57452 is an out-of-bounds read vulnerability in Vim versions prior to 9.2.0671. It occurs when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (which uses xchacha20poly1305 and requires the +sodium feature) and the encrypted file body is shorter than a single libsodium secretstream header.

The vulnerability is caused by an unsigned integer underflow during length calculation, which leads to a decryption call reading far beyond the end of the input buffer. This results in Vim crashing.

An attacker can exploit this by tricking a user into opening a maliciously crafted encrypted file and entering any decryption key, causing a denial-of-service crash. No sensitive data is exposed because the decryption fails before any plaintext is returned.

Impact Analysis

This vulnerability causes Vim to crash when a specially crafted encrypted file is opened. The result is a denial-of-service condition affecting the availability of the Vim editor.

Exploitation requires user interaction (opening the malicious file and providing a decryption key) and the +sodium feature enabled in Vim.

There is no impact on confidentiality or integrity, as no sensitive data is leaked or altered.

Detection Guidance

This vulnerability can be detected by identifying attempts to open Vim-encrypted files (using VimCrypt~04! or VimCrypt~05! methods) that are shorter than a single libsodium secretstream header, which causes Vim to crash due to an out-of-bounds read.

Since exploitation requires user interaction to open a maliciously crafted encrypted file, monitoring for unexpected Vim crashes when opening encrypted files can help detect attempts to trigger this vulnerability.

There are no specific commands provided in the resources to detect this vulnerability directly. However, you can check your Vim version with the command:

  • vim --version

If the version is prior to 9.2.0671 and the build includes the +sodium feature, your Vim installation is vulnerable. Additionally, monitoring system logs for Vim crashes or running Vim in a controlled environment to open suspicious encrypted files may help detect exploitation attempts.
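The two checks above (is this Vim build affected, and is a given encrypted file too short to hold a secretstream header) can be scripted. The following is an added triage example, not code from Vim or from this advisory; it assumes a 16-byte salt sits between the 12-byte VimCrypt magic and the secretstream body, uses libsodium's 24-byte secretstream header size, and parses the "Vi IMproved X.Y" / "Included patches:" / "+sodium" lines that vim --version prints. The version strings and file bytes are constructed samples.

```python
import re

MAGIC_LEN = 12                      # b"VimCrypt~NN!" prefix that Vim writes
SODIUM_MAGICS = {b"VimCrypt~04!": "xchacha20", b"VimCrypt~05!": "xchacha20v2"}
SALT_LEN = 16                       # assumption: crypto_pwhash_SALTBYTES stored after the magic
SECRETSTREAM_HEADER_LEN = 24        # crypto_secretstream_xchacha20poly1305_HEADERBYTES
SIZE_T_MASK = (1 << 64) - 1         # 64-bit size_t wrap-around
FIXED = (9, 2, 671)                 # first fixed version per the advisory

def size_t_sub(a: int, b: int) -> int:
    """Model the unsigned 'len -= HEADERBYTES' step: it wraps instead of going negative (CWE-191)."""
    return (a - b) & SIZE_T_MASK

def check_vimcrypt_blob(data: bytes) -> dict:
    """Triage a file's bytes: sodium-encrypted Vim file? body shorter than one secretstream header?"""
    method = SODIUM_MAGICS.get(data[:MAGIC_LEN])
    if method is None:
        return {"method": None, "body_len": None, "too_short": False, "wrapped_len": None}
    body_len = max(len(data) - MAGIC_LEN - SALT_LEN, 0)
    too_short = body_len < SECRETSTREAM_HEADER_LEN
    return {
        "method": method,
        "body_len": body_len,
        "too_short": too_short,
        # the length a wrapped subtraction would hand to the decryption call (CWE-125)
        "wrapped_len": size_t_sub(body_len, SECRETSTREAM_HEADER_LEN) if too_short else None,
    }

def vim_build_is_affected(version_output: str) -> bool:
    """Parse `vim --version` text: affected if +sodium is compiled in and version < 9.2.0671."""
    m = re.search(r"Vi IMproved (\d+)\.(\d+)", version_output)
    if not m:
        raise ValueError("could not find the Vim version line")
    p = re.search(r"Included patches: .*?(\d+)\s*$", version_output, re.M)
    version = (int(m.group(1)), int(m.group(2)), int(p.group(1)) if p else 0)
    has_sodium = re.search(r"\+sodium\b", version_output) is not None
    return has_sodium and version < FIXED

# Constructed samples (not real files or real build output).
SHORT_FILE = b"VimCrypt~04!" + b"\x00" * SALT_LEN + b"\x00" * 5     # 5-byte body
OK_LENGTH_FILE = b"VimCrypt~05!" + b"\x00" * SALT_LEN + b"\x00" * 64
OLD_BUILD = "VIM - Vi IMproved 9.2 (2026 Jan 01)\nIncluded patches: 1-670\n+sodium +syntax -sound\n"

if __name__ == "__main__":
    print(check_vimcrypt_blob(SHORT_FILE))
    print("affected build:", vim_build_is_affected(OLD_BUILD))
```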

Mitigation Strategies

The immediate step to mitigate this vulnerability is to upgrade Vim to version 9.2.0671 or later, where the issue has been fixed.

If upgrading is not immediately possible, avoid opening files encrypted with the VimCrypt~04! or VimCrypt~05! methods that might be shorter than the required header size, especially files from untrusted sources.

Additionally, educate users to be cautious when opening encrypted files and to report any unexpected Vim crashes.
