Chrisbra

**Name of the Vulnerable Software and Affected Versions** Vim versions prior to 9.1.2148 **Description** Vim is a command line text editor. A stack buffer overflow exists in Vim’s NetBeans integration when processing the `specialKeys` command, affecting Vim builds that enable and use the NetBeans feature. The overflow occurs within the `special keys()` function (located in src/netbeans.c) due to a lack of bounds checking in a while loop that writes data into a 64-byte stack buffer (`keybuf`). A malicious NetBeans server can exploit this by sending a crafted `specialKeys` command, potentially overflowing the `keybuf`. The vulnerability is triggered when Vim is started with NetBeans integration enabled, connects to a NetBeans server, and receives the malicious command. **Recommendations** Versions prior to 9.1.2148 should be updated to version 9.1.2148 or later.