Primary

Context

Vim Command Injection Vulnerability in glob() Function on Unix-like Systems

Vulnerability

Patched

A command injection vulnerability has been identified in Vim's glob() function on Unix-like systems, prior to version 9.2.0202. The issue arises because the glob() function does not properly escape newline characters in patterns, allowing an attacker to execute arbitrary shell commands. This vulnerability depends on the user's 'shell' setting.

Impact

Exploitation of this vulnerability allows for arbitrary code execution with the privileges of the user running Vim.

Reproduction

To reproduce this vulnerability, create a pattern for the glob() function that includes a newline character. When this pattern is processed, the newline will be interpreted as a command separator, potentially leading to the execution of arbitrary shell commands.

Remediation

Users can update to Vim version 9.2.0202 or later, where this vulnerability has been patched.

Added: Mar 24, 2026, 8:25 PM

Updated: Mar 24, 2026, 8:25 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

5.0

remediation

7.7

relevance

4.6

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

5.0

remediation

7.7

relevance

4.6

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vim Command Injection Vulnerability in glob() Function on Unix-like Systems

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Vim

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating