CVE-2025-66476
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves external commands by searching the current working directory before system paths. When Vim invokes tools such as findstr for :grep, external commands or filters via :!, or compiler/:make commands, it may inadvertently run a malicious executable present in the same directory as the file being edited. The issue affects Vim for Windows prior to version 9.1.1947.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| vim | vim | < 9.1.1947 | affected |
Weaknesses
- CWE-427: CWE-427: Uncontrolled Search Path Element
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
- https://github.com/vim/vim/security/advisories/GHSA-g77q-xrww-p834
- https://github.com/vim/vim/commit/083ec6d9a3b7b09006e0ce69ac802597d25
- https://github.com/vim/vim/releases/tag/v9.1.1947
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.