CVE-2026-44656

MEDIUM

Vim path Completion - OS Command Injection

Title source: manual

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-44656. PoCs published by CryingN.

AI-analyzed exploit summary: This repository provides a functional exploit for CVE-2026-44656, a Vim modeline vulnerability that allows arbitrary command execution via backtick expansion in the `path` option when triggered by Tab completion in the `:find` command. The PoC includes a Docker environment, a malicious modeline file, and a verification script.

Description

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435.

Exploits (1)

nomisec WORKING POC
by CryingN · poc
https://github.com/CryingN/CVE-2026-44656

Classification
Working PoC 95%
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: Vim (version not specified; likely 9.1 or earlier)
No auth needed
Prerequisites: Docker · Vim with modeline enabled
devstral-2 · analyzed May 09, 2026

References (3)

Scores

CVSS v3 5.3
EPSS 0.0092
EPSS Percentile 55.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-78
Status published
Products (1)
vim/vim < 9.2.0435 (2 CPE variants)
Published May 08, 2026
Tracked Since May 09, 2026