ehdgks0627

1 exploit Active since Feb 2026
CVE-2026-28417 GITHUB MEDIUM python WORKING POC
Vim < 9.2.0073 - OS Command Injection via netrw Plugin SCP URL Handler
Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the `scp://` protocol handler), an attacker can execute arbitrary shell commands with the privileges of the Vim process. Version 9.2.0073 fixes the issue.
1 stars
CVSS 4.4