Threat Advisory

Path Traversal Vulnerability Found in Vim Plugin

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: Low

EXECUTIVE SUMMARY:

A path traversal vulnerability (CWE-22) has been identified in the zip.vim plugin shipped with Vim, the widely used command-line text editor. A crafted zip archive whose entries carry traversal sequences can cause the plugin to write outside the directory it is working in, overwriting files the user did not intend to touch. All Vim versions earlier than 9.1.1551 are affected. When a user opens such an archive in Vim, the plugin does not validate the entry paths before acting on them. The issue carries a CVSS 3.1 base score of 4.1, which falls in the Medium band. Exploitation requires local access and user interaction (the victim must open the archive in Vim), but the reported impact includes compromise of sensitive files and limited command execution.

  • CVE-2025-53906: The flaw lies in zip.vim, the plugin Vim uses to browse and edit the contents of zip archives. Entry names inside an archive are not validated, so an attacker can include entries whose names contain traversal sequences such as ../. When a user opens the malicious archive in Vim, the plugin acts on these names as-is and can write files outside the expected directory. Depending on the permissions of the user running Vim, this may overwrite configuration files or place attacker-controlled content in sensitive locations. The user must open the archive themselves, but the damage can be severe if it goes unnoticed.

This vulnerability threatens system integrity because a crafted zip archive is enough to overwrite important files. Although it depends on user interaction, opening an untrusted archive in a vulnerable Vim can lead to system compromise and potential command execution.
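The following Python script is an added example, not Vim's zip.vim code, that illustrates the CWE-22 weakness described above and the check an archive handler needs. The archive, its entry names (such as ../../evil.sh) and the helper names scan_archive and safe_extract are constructed for this example. It flags traversal entries before anything is written, then extracts only entries whose resolved destination stays under the target directory.

```python
"""Detect and refuse path-traversal entries in zip archives (CWE-22).

Added example: this is not Vim's zip.vim code. The archive below is built in
memory; entry names such as ../../evil.sh are hypothetical sample data.
"""
from __future__ import annotations

import io
import os
import posixpath
import tempfile
import zipfile


def is_unsafe_entry(name: str) -> bool:
    """True if an archive entry name could land outside the extraction directory.

    Rejects absolute paths (POSIX and drive-letter), then collapses the path with
    posixpath.normpath so that a/../../x is caught as well as a bare ../x.
    """
    norm = name.replace("\\", "/")  # archives built on Windows may use backslashes
    if norm.startswith("/"):
        return True
    if len(norm) >= 2 and norm[0].isalpha() and norm[1] == ":":
        return True
    collapsed = posixpath.normpath(norm)
    return collapsed == ".." or collapsed.startswith("../")


def build_zip(entries: list[tuple[str, bytes]]) -> bytes:
    """Build an in-memory archive; ZipInfo stores names like ../x verbatim."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries:
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed sample archive: two benign entries, two traversal attempts.
MALICIOUS_ZIP = build_zip([
    ("notes/readme.txt", b"hello\n"),
    ("docs/../safe.txt", b"still inside the archive root\n"),
    ("../../evil.sh", b"#!/bin/sh\necho pwned\n"),         # relative traversal
    ("/etc/cron.d/backdoor", b"* * * * * root /tmp/x\n"),  # absolute path
])


def scan_archive(zip_bytes: bytes) -> list[str]:
    """Names of entries that fail is_unsafe_entry, for triage before opening."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [n for n in zf.namelist() if is_unsafe_entry(n)]


def safe_extract(zip_bytes: bytes, dest: str) -> tuple[list[str], list[str]]:
    """Extract only entries whose resolved path stays under dest.

    This is the containment check a traversal-prone extractor lacks: resolve
    each entry's destination with realpath and require dest to remain its
    common prefix. Returns (extracted, rejected) entry names.
    """
    dest_real = os.path.realpath(dest)
    extracted, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            candidate = os.path.join(dest_real, info.filename.replace("\\", "/"))
            target = os.path.realpath(candidate)  # join() discards dest for absolute names
            try:
                inside = os.path.commonpath([dest_real, target]) == dest_real
            except ValueError:  # different drives on Windows
                inside = False
            if not inside:
                rejected.append(info.filename)
                continue
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
            else:
                os.makedirs(os.path.dirname(target), exist_ok=True)
                with zf.open(info) as src, open(target, "wb") as dst:
                    dst.write(src.read())
            extracted.append(info.filename)
    return extracted, rejected


def demo_extract() -> dict:
    """Run safe_extract on the sample in a throwaway directory and report."""
    with tempfile.TemporaryDirectory() as dest:
        extracted, rejected = safe_extract(MALICIOUS_ZIP, dest)
        written = sorted(
            os.path.relpath(os.path.join(root, f), dest).replace(os.sep, "/")
            for root, _, files in os.walk(dest) for f in files
        )
        escaped = os.path.exists(os.path.join(dest, "..", "..", "evil.sh"))
    return {"extracted": extracted, "rejected": rejected,
            "written": written, "escaped": escaped}


if __name__ == "__main__":
    print("unsafe entries:", scan_archive(MALICIOUS_ZIP))
    print(demo_extract())
```

The name-based scan is what you would run over an untrusted archive before opening it in any tool; the realpath/commonpath check is the stronger guard an extractor should apply, because it also catches names that only become dangerous once joined with the destination (absolute paths, Windows drive letters, and ../ buried after benign components).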

RECOMMENDATION:

  • We strongly recommend you update Vim to version 9.1.1551 or later.
  • Until the update is applied, do not open zip archives from untrusted sources in Vim, or disable the plugin by adding `let g:loaded_zipPlugin = 1` to your vimrc.
