{"id":"AZL-76764","summary":"CVE-2026-25749 affecting package vim 9.1.1616-1","details":"Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the get_tagfname() function in src/tag.c. When processing help file tags, Vim copies the user-controlled 'helpfile' option value into a fixed-size heap buffer of MAXPATHL + 1 bytes (typically 4097 bytes) using an unsafe STRCPY() operation without any bounds checking. This issue has been patched in version 9.1.2132.","modified":"2026-04-01T05:22:58.887908Z","published":"2026-02-06T23:15:54Z","upstream":["CVE-2026-25749"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25749"}],"affected":[{"package":{"name":"vim","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/vim"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"9.1.1616-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-76764.json"}}],"schema_version":"1.7.5"}