CVE-2026-28422 – Vim has stack-buffer-overflow in build_stl_str_hl()

CVE ID : CVE-2026-28422

Published : Feb. 27, 2026, 10:16 p.m. | 1 hour, 19 minutes ago

Description : Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in `build_stl_str_hl()` when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue.

Severity: 2.2 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…