Vim

by Bram Moolenaar et al.v9.2.0620

Last updated Jun 11, 2026

Vim is a highly configurable text editor built to make creating and changing any kind of text very efficient

Install with winget

$ winget install --id vim.vim.nightly --exact --version 9.2.0620

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for Vim

Vim uses EXE (NSIS). The silent install switches are /S.

One-line silent install (x64, machine scope)

gvim_9.2.0620_x64.exe /S

See the full silent install reference for Vim →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

Installers · v9.2.0620

Architecture	Type	Scope	Install	Download
x86	EXE NSIS	machine		Direct
x64	EXE NSIS	machine		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

25 known CVEs via NVD

low3.6Patched in wingetCVE-2026-46483affects before 9.2.0479May 15, 2026
Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape...
Patch Vendor advisory
medium5.3Patched in wingetCVE-2026-44656affects before 9.2.0435May 8, 2026
Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completio...
Patch Vendor advisory
medium4.4Patched in wingetCVE-2026-42307affects before 9.2.0383May 8, 2026
Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker ca...
Patch Vendor advisory
medium6.6Patched in wingetCVE-2026-41411affects before 9.2.0357Apr 24, 2026
Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is passed through wildcard expansion to resolve environment variables and wildca...
Patch Vendor advisory
medium5.0Patched in wingetCVE-2026-39881affects before 9.2.0316Apr 8, 2026
Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in the defineAnnoType and specia...
Patch Vendor advisory
medium4.1Patched in wingetCVE-2026-35177affects before 9.2.0280Apr 6, 2026
Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives, circumventing the previous fix for CVE-2025-53906. This vulnerability is fixed i...
Vendor advisory
high8.2Patched in wingetCVE-2026-34982affects before 9.2.0276Apr 6, 2026
Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The `complete`, `guitabtooltip` and `printheader` options are missing the `P_MLE` flag, allowing a...
Patch Vendor advisory
critical9.2Patched in wingetCVE-2026-34714affects before 9.2.0272Mar 30, 2026
Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE.
Patch Vendor advisory

Showing 8 of 25. Source: NVD, updated 6h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

VimBram Moolenaar et al.
vim.vimv9.2.0530
Vim is a highly configurable text editor built to make creating and changing any kind of text very efficient
Notepad++Notepad++ Team
Notepad++.Notepad++v8.9.6.4
Notepad++ is a free source code editor that supports several languages.
Corsair iCUE5 SoftwareCorsair
Corsair.iCUE.5v5.46.67
iCUE unites all of your compatible CORSAIR components and devices, making your PC greater than the sum of its parts.
InvisiwindRadiantly
Radiantly.Invisiwindv1.1.5
Invisiwind is a free, open-source application that allows you to hide windows from being seen when sharing your screen.
GitHub CLIGitHub, Inc.
GitHub.cliv2.93.0
Take GitHub to the command line
CrystalDiskInfo Shizuku EditionCrystal Dew World
CrystalDewWorld.CrystalDiskInfo.ShizukuEditionv9.9.1
A HDD/SSD utility software which supports a part of USB, Intel RAID and NVMe. This is CrystalDiskInfo with Shizuku Theme.

More from Bram Moolenaar et al. or browse code-editor, g-vim, gvim.

Frequently asked questions

How do I install Vim on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id vim.vim.nightly --exact --version 9.2.0620. winget downloads the installer from Bram Moolenaar et al. and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install Vim silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id vim.vim.nightly --exact 9.2.0620 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for Vim?

Vim uses EXE (NSIS). Run the downloaded installer with: gvim_9.2.0620_x64.exe /S. The silent switches are /S.

How do I uninstall Vim via winget?

Run: winget uninstall --id vim.vim.nightly --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from Vim's Apps & Features entry.

Is Vim free?

Vim is distributed under Copyright (C) 1991-2020 Bram Moolenaar [Bram@vim.org] - Charityware / GNU GPL compatible. Refer to the publisher (https://www.vim.org/) for the full license terms - Wingetly itself does not charge for installation.

Does Vim work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls Vim directly from the publisher.

How do I keep Vim up to date?

Run winget upgrade --id vim.vim.nightly --exact, or winget upgrade --all to update everything winget tracks. We index 10 versions of Vim from microsoft/winget-pkgs.

Recent versions

9.2.0620latest
9.2.0612
9.2.0604
9.2.0602
9.2.0600
9.2.0597
9.2.0593
9.2.0588
9.2.0586
9.2.0580