CVE-2026-41411
6.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
Summary
Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is passed through wildcard expansion to resolve environment variables and wildcards. If the filename field contains backtick syntax (e.g., command), Vim executes the embedded command via the system shell with the full privileges of the running user.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| vim | vim | < 9.2.0357 | affected |
Weaknesses
- CWE-78: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://github.com/vim/vim/security/advisories/GHSA-cwgx-gcj7-6qh8
- https://github.com/vim/vim/commit/c78194e41d5a0b05b0ddf383b6679b1503f977fb
- https://github.com/vim/vim/releases/tag/v9.2.0357
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.