Tag

Modeline

2 briefs RSS

Vim Modeline Sandbox Bypass Vulnerability (CVE-2026-34982)

A critical vulnerability in Vim versions prior to 9.2.0276 allows arbitrary OS command execution via a crafted file that bypasses the modeline sandbox due to missing security checks, potentially leading to code execution.

vim modeline sandbox-bypass code-execution cve-2026-34982

3r 1t 1c 5i 4w ago

critical advisory

Vim and Emacs Remote Code Execution Vulnerabilities Triggered by File Opening

2 rules 1 TTP

Vulnerabilities in Vim (<=9.2.0271) and GNU Emacs allow remote code execution by opening a specially crafted file, leveraging flaws in modeline handling and Git integration, respectively.

rce vim emacs git modeline

2r 1t Mar 31, 2026