What is the CVSS score of CVE-2024-43374?

CVE-2024-43374 has a CVSS 3.1 base score of 4.5 (Medium). CVSS vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L. EPSS exploitation probability: 0.1%.

Is there a public PoC exploit available for CVE-2024-43374?

Yes, a public proof-of-concept exploit is available for CVE-2024-43374. Prioritise patching immediately. EPSS: 0.1%.

Is there a patch available for CVE-2024-43374?

Yes, a patch is available for CVE-2024-43374. Update the affected software to the latest version immediately.

CVE-2024-43374

MEDIUM

Use After Free (CWE-416)

N/A vendor:alpine

Memory Corruption Use After Free Information Disclosure

4.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

4.5 MEDIUM

AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Lifecycle Timeline

Patch released

Jun 09, 2026 - 18:37 NVD

https://github.com/vim/vim/commit/0a6e57b09bc8c76691b367a5babfb79b31b770e8

CVSS changed

Jun 09, 2026 - 18:37 NVD

4.5 (MEDIUM)

CVE Published

May 27, 2026 - 22:32 nvd

MEDIUM

DescriptionCVE.org

Alpine Linux: vim fixed in 9.1.0678-r0

Analysis