Security Advisory

CVE-2026-33412

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-24 19:43:07

Last updated 2026-03-26 03:55:39

Assigner GitHub_M

State PUBLISHED

Description

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vims glob() function on Unix-like systems. By including a newline character (n) in a pattern passed to glob(), an attacker may be able to execute arbitrary shell commands. This vulnerability depends on the users shell setting. This issue has been patched in version 9.2.0202.

← Browse all CVEs View on cve.org ↗