CVE-2026-34714

CRITICAL

Vim <9.2.0272 - Code Injection

Title source: llm

Description

Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE.

Exploits (1)

github WRITEUP 1 stars

by Hex0rc1st · pythonpoc

https://github.com/Hex0rc1st/CVE_POC_monitor/tree/main/article/uploads/demo_1775010713/【已复现】Vim 代码执行漏洞(CVE-2026-34714)安全风险通告

View Code ZIP pw:eip

References (7)

https://www.openwall.com/lists/oss-security/2026/03/30/3

https://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh

https://github.com/vim/vim/commit/664701eb7576edb7c7c7d9f2d600815ec1f43459

View Patch ZIP pw:eip

https://github.com/vim/vim/releases/tag/v9.2.0272

[Mailing List] http://www.openwall.com/lists/oss-security/2026/04/02/4

[Mailing List] http://www.openwall.com/lists/oss-security/2026/04/02/5

[Mailing List] http://www.openwall.com/lists/oss-security/2026/04/03/6

Scores

CVSS v3 9.2

EPSS 0.0001

EPSS Percentile 2.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

Details

CWE

CWE-78

Status published

Products (2)

Vim/Vim < 9.2.0272

vim/vim < 9.2.0272

Published Mar 30, 2026

Tracked Since Mar 31, 2026