CVE-2026-45130 | vim up to 9.2.0449 Spell File src/spellfile.c read_compound length heap-based overflow (GHSA-q4jv-r9gj-6cwv)

A vulnerability, which was classified as critical, has been found in vim up to 9.2.0449. The impacted element is the function read_compound of the file src/spellfile.c of the component Spell File Handler. Performing a manipulation of the argument length results in heap-based buffer overflow.

This vulnerability is identified as CVE-2026-45130. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More