CVE-2025-66476

Severity: High · CVSS 3.1 base score 7.8 · EPSS 34.5%
Published Dec 2, 2025 · Modified Jun 17, 2026

Description

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the working directory of the currently edited file. On Windows, when cmd.exe is used as the shell, Vim resolves external commands by searching the current working directory before the system paths. When Vim invokes tools such as findstr for :grep, runs external commands or filters via :!, or runs compiler/:make commands, it may therefore inadvertently execute a malicious executable present in the same directory as the file being edited. The issue affects Vim for Windows prior to version 9.1.1947.

CVSS Details

Base Score: 7.8
Exploitability: 1.8
Impact: 5.9
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability: 34.5% percentile
Exploit & Patch Status: No Known Exploit; Patch Available

Weaknesses (1)

CWE-427: Uncontrolled Search Path Element

Affected Products (2)

Vendor      Product   Version   Range
vim         vim       *         <9.1.1947
microsoft   windows   *         any

References (4)

  • openwall.com http://www.openwall.com/lists/oss-security/2025/12/02/5
    Mailing List, Patch, Third Party Advisory
  • github.com https://github.com/vim/vim/commit/083ec6d9a3b7b09006e0ce69ac802597d25
    Patch
  • github.com https://github.com/vim/vim/releases/tag/v9.1.1947
    Release Notes
  • github.com https://github.com/vim/vim/security/advisories/GHSA-g77q-xrww-p834
    Patch, Vendor Advisory

Remediation

  • openwall.com http://www.openwall.com/lists/oss-security/2025/12/02/5
    Mailing List, Patch, Third Party Advisory
  • github.com https://github.com/vim/vim/commit/083ec6d9a3b7b09006e0ce69ac802597d25
    Patch
  • github.com https://github.com/vim/vim/security/advisories/GHSA-g77q-xrww-p834
    Patch, Vendor Advisory