Heap Buffer Overflow in vifm_CVE-2026-8997

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Description

vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file (vifminfo.json). This flaw occurs because the application lacks a runtime check on the length of history entries in release builds, potentially allowing a crafted long path or command in the history to cause memory corruption or application crashes.
Releases from 0.12.1 to 0.14.3 (including) are considered vulnerable. This issue was fixed in commit 23063c7

Basic Information

ID CVE-2026-8997

Source CERT-PL

Published May 22, 2026 at 13:26

Affected Product

Vendor vifm

Product vifm

Version 0.12.1

Affected Versions vifm vifm 0.12.1

CWE Classification

CWE-122

References

{
    "lastseen": "",
    "description": "vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file (vifminfo.json). This flaw occurs because the application lacks a runtime check on the length of history entries in release builds, potentially allowing a crafted long path or command in the history to cause memory corruption or application crashes.\nReleases from 0.12.1 to\u00a00.14.3 (including) are considered vulnerable. This issue was fixed in commit 23063c7",
    "published": "2026-05-22T13:26:17.904Z",
    "modified": "2026-05-22T13:26:17.904Z",
    "type": "cve",
    "title": "Heap Buffer Overflow in vifm",
    "source": "CERT-PL",
    "references": "https://cert.pl/en/posts/2026/05/CVE-2026-8997\nhttps://github.com/vifm/vifm/commit/23063c741f15a85621fd232dfc3ac5b779f6910d",
    "id": "CVE-2026-8997",
    "bulletinFamily": "",
    "cwe": [
        "CWE-122"
    ],
    "cvelist": null,
    "sourceData": "vifm vifm 0.12.1",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "vifm",
    "version": "0.12.1",
    "vendor": "vifm",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}